forked from merttasci/csrf-poc-generator
-
Notifications
You must be signed in to change notification settings - Fork 2
/
index.html
executable file
·110 lines (110 loc) · 8.16 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>CSRF PoC Generator Online | A simple online CSRF PoC generator tool that creates a CSRF PoC form to any HTTP request. This function can be used to generate a proof-of-concept (PoC) cross-site request forgery (CSRF) attack for a given request - Read & Watch InfoSec.</title>
<meta name="description" content="A simple online CSRF PoC generator tool that creates a CSRF PoC form to any HTTP request. This function can be used to generate a proof-of-concept (PoC) cross-site request forgery (CSRF) attack for a given request - Read & Watch InfoSec.">
<!-- Social: Twitter -->
<meta property="twitter:card" content="summary_large_image"/>
<meta property="twitter:title" content="CSRF PoC Generator Online | A simple online CSRF PoC generator tool that creates a CSRF PoC form to any HTTP request. This function can be used to generate a proof-of-concept (PoC) cross-site request forgery (CSRF) attack for a given request - Read & Watch InfoSec."/>
<meta property="twitter:description" content="A simple online CSRF PoC generator tool that creates a CSRF PoC form to any HTTP request. This function can be used to generate a proof-of-concept (PoC) cross-site request forgery (CSRF) attack for a given request - Read & Watch InfoSec."/>
<meta property="twitter:image" content="https://csrf.infos3c.net/imgs/csrf.png"/>
<meta name="twitter:site" content="@Infos3cNET">
<!-- Social: Facebook / Open Graph -->
<meta property="og:url" content="https://csrf.infos3c.net/">
<meta property="og:title" content="CSRF PoC Generator Online | A simple online CSRF PoC generator tool that creates a CSRF PoC form to any HTTP request. This function can be used to generate a proof-of-concept (PoC) cross-site request forgery (CSRF) attack for a given request - Read & Watch InfoSec.">
<meta property="og:image" content="https://csrf.infos3c.net/imgs/csrf.png">
<meta property="og:description" content="A simple online CSRF PoC generator tool that creates a CSRF PoC form to any HTTP request. This function can be used to generate a proof-of-concept (PoC) cross-site request forgery (CSRF) attack for a given request - Read & Watch InfoSec.">
<meta property="og:site_name" content="CSRF PoC Generator Online">
<link href='https://fonts.googleapis.com/css?family=Titillium+Web&subset=latin,latin-ext' rel='stylesheet' type='text/css'>
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<script src="https://code.jquery.com/jquery-3.0.0.min.js" integrity="sha256-JmvOoLtYsmqlsWxa7mDSLMwa6dZ9rrIdtrrVYRnDRH0=" crossorigin="anonymous"></script>
<script src="js/bootstrap.min.js"></script>
<script type="text/javascript" src="js/FileSaver.min.js"></script>
<script type="text/javascript" src="js/clipboard.min.js"></script>
</head>
<body>
<a href="https://github.com/saajanbhujel/csrf-poc-generator" target="_blank" class="github-corner" aria-label="View source on GitHub">
<svg width="80" height="80" viewBox="0 0 250 250" style="fill:#000000; color:#fff; position: absolute; top: 0; border: 0; right: 0;" aria-hidden="true">
<path d="M0,0 L115,115 L130,115 L142,142 L250,250 L250,0 Z"></path>
<path d="M128.3,109.0 C113.8,99.7 119.0,89.6 119.0,89.6 C122.0,82.7 120.5,78.6 120.5,78.6 C119.2,72.0 123.4,76.3 123.4,76.3 C127.3,80.9 125.5,87.3 125.5,87.3 C122.9,97.6 130.6,101.9 134.4,103.2" fill="currentColor" style="transform-origin: 130px 106px;" class="octo-arm"></path>
<path d="M115.0,115.0 C114.9,115.1 118.7,116.5 119.8,115.4 L133.7,101.6 C136.9,99.2 139.9,98.4 142.2,98.6 C133.8,88.0 127.5,74.4 143.8,58.0 C148.5,53.4 154.0,51.2 159.7,51.0 C160.3,49.4 163.2,43.6 171.4,40.1 C171.4,40.1 176.1,42.5 178.8,56.2 C183.1,58.6 187.2,61.8 190.9,65.4 C194.5,69.0 197.7,73.2 200.1,77.6 C213.8,80.2 216.3,84.9 216.3,84.9 C212.7,93.1 206.9,96.0 205.4,96.6 C205.1,102.4 203.0,107.8 198.3,112.5 C181.9,128.9 168.3,122.5 157.7,114.1 C157.9,116.9 156.7,120.9 152.7,124.9 L141.0,136.5 C139.8,137.7 141.6,141.9 141.8,141.8 Z" fill="currentColor" class="octo-body"></path>
</svg>
</a>
<div class="container-fluid">
<div class="row">
<div class="col-md-12">
<div class="page-header">
<h1>
CSRF PoC Generator
<small style="color:#626262;">to save your time..
<span class="socialConnect">
<a href="https://twitter.com/Infos3cNET" title="Twitter" target="_blank" style="color:#0041de;"><svg xmlns="http://www.w3.org/2000/svg" x="0px" y="0px" width="32" height="32" viewBox="0 0 48 48"> <path fill="#03a9f4" d="M24,4C12.954,4,4,12.954,4,24s8.954,20,20,20s20-8.954,20-20S35.046,4,24,4z"></path><path fill="#fff" d="M36,17.12c-0.882,0.391-1.999,0.758-3,0.88c1.018-0.604,2.633-1.862,3-3 c-0.951,0.559-2.671,1.156-3.793,1.372C29.789,13.808,24,14.755,24,20v2c-4,0-7.9-3.047-10.327-6c-2.254,3.807,1.858,6.689,2.327,7 c-0.807-0.025-2.335-0.641-3-1c0,0.016,0,0.036,0,0.057c0,2.367,1.661,3.974,3.912,4.422C16.501,26.592,16,27,14.072,27 c0.626,1.935,3.773,2.958,5.928,3c-2.617,2.029-7.126,2.079-8,1.977c8.989,5.289,22.669,0.513,21.982-12.477 C34.95,18.818,35.342,18.104,36,17.12"></path> </svg></a>
<a href="https://www.linkedin.com/company/infos3c/" title="Linkedin" target="_blank" style="color:#0041de;"><svg xmlns="http://www.w3.org/2000/svg" x="0px" y="0px" width="32" height="32" viewBox="0 0 48 48"> <path fill="#0288d1" d="M24 4A20 20 0 1 0 24 44A20 20 0 1 0 24 4Z"></path><path fill="#fff" d="M14 19H18V34H14zM15.988 17h-.022C14.772 17 14 16.11 14 14.999 14 13.864 14.796 13 16.011 13c1.217 0 1.966.864 1.989 1.999C18 16.11 17.228 17 15.988 17zM35 24.5c0-3.038-2.462-5.5-5.5-5.5-1.862 0-3.505.928-4.5 2.344V19h-4v15h4v-8c0-1.657 1.343-3 3-3s3 1.343 3 3v8h4C35 34 35 24.921 35 24.5z"></path> </svg></a>
</span>
</small>
</h1>
</div>
</div>
</div>
<div class="container-fluid new-container-fluid">
<div class="radioBorder">
<b>Protocol:-</b>
<label class="radio-inline" >
<input type="radio" id="httpradio" name="protocol">HTTP
</label>
<label class="radio-inline">
<input type="radio" id="httpsradio" name="protocol" checked>HTTPS
</label>
</div>
<div class="radioBorder">
<b>Auto Submit:-</b>
<label class="radio-inline">
<input type="radio" id="checkauto-1" name="dontUseAutoSubmit" checked>On
</label>
<label class="radio-inline">
<input type="radio" id="checkauto-2" name="dontUseAutoSubmit">Off
</label>
</div>
</div>
<div class="row">
<div class="col-md-6">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">
<span class="glyphicon glyphicon-registration-mark" aria-hidden="true"></span> REQUEST
</h3>
</div>
<div class="panel-body" style="padding:0">
<textarea style="border:none; background-color: white; padding:10px; width:100%; height:400px" placeholder="Paste the request." id="request"></textarea>
</div>
<div class="panel-footer">
<button type="button" class="btn btn-success" id="generate">Generate PoC Form</button>
</div>
</div>
</div>
<div class="col-md-6">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">
<span class="glyphicon glyphicon-align-left" aria-hidden="true"></span> CSRF PoC FORM
</h3>
</div>
<div class="panel-body" style="padding:0">
<textarea style="border:none; background-color: white; padding:10px; width:100%; height:400px" placeholder="PoC will be here." id="poc" spellcheck="false" oninput="update(this.value); sync_scroll(this);" onscroll="sync_scroll(this);" onkeydown="check_tab(this, event);"></textarea>
</div>
<div class="panel-footer">
<button type="button" class="btn btn-success" id="copy" data-clipboard-target="#poc">Copy It</button>
<button type="button" class="btn btn-success" id="save">Save as HTML</button>
</div>
</div>
<script type="text/javascript">
var clipboard = new Clipboard('#copy');
</script>
</div>
</div>
</div>
<script src="js/generate.js"></script>
</body>
</html>