0x0 Web - Client

samedi 8 juillet 2017, 11:11  #1
Web - Client CSFR 0 Protection
lorenzodeg
  • 2 posts

Hi ! I tried to resolve this challenge with HTML injection. I write a form in Contact form like Profile’s one with Status enable with an onload method but the administrator hasn’t never read my post ! I don’t have any idea !

dimanche 9 juillet 2017, 12:29  #2
Web - Client CSFR 0 Protection
Defte
  • 68 posts

Probably your payloard that doesn’t work

vendredi 17 novembre 2017, 12:51  #3
Web - Client CSFR 0 Protection

I tried send iframe, and in bind submit to body tag on remote page. But it did not work, I need some hints

vendredi 9 novembre 2018, 01:59  #4
Web - Client CSFR 0 Protection
eduffis
  • 1 posts

Hello i make a script to steel the admin cookie, the javascript execute ok on the admin side but it returns NULL, any idea ? :-)