Pre-login XSS - practice

Attackers can steal credentials by manipulating form action
avatar
unknown
php
3 years ago
2.5 kB
922
Indexable
<?php
// check if the form was submitted
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
  // get the username and password from the form
  $username = isset($_POST['username']) ? $_POST['username'] : "";
  $password = isset($_POST['password']) ? $_POST['password'] : "";

  // check if the credentials are valid
  if ($username === 'jksdyf7y3748723@#@%' && $password === 'jksdyf7y3748723@#@%') {
    // redirect to the dashboard or homepage
    header('Location: dashboard.php');
    exit;
  } else {
    // redirect back to the login page with an error message
    $error_message = 'Invalid username or password. Please try again.';
    header('Location: auth.php?error=' . urlencode($error_message));
    exit;
  }
}
?>

<!DOCTYPE html>
<html lang="en">
<head>
<!-- Author: Bipin Jitiya
     Website: win3zz.com
     Twitter: @win3zz -->

  <title>Login</title>
  <style>
    body {
      font-family: sans-serif;
      background-color: #f1f1f1;
      padding: 20px;
    }

    form {
      background-color: #fff;
      border-radius: 5px;
      box-shadow: 0 0 10px rgba(0, 0, 0, 0.2);
      padding: 20px;
      max-width: 400px;
      margin: 0 auto;
    }

    label {
      display: block;
      font-weight: bold;
      margin-bottom: 5px;
    }

    input[type="text"],
    input[type="password"] {
      border: 1px solid #ccc;
      border-radius: 3px;
      padding: 5px;
      width: 100%;
      margin-bottom: 10px;
      box-sizing: border-box;
    }

    button[type="submit"] {
      background-color: #007bff;
      color: #fff;
      border: none;
      border-radius: 3px;
      padding: 10px 20px;
      cursor: pointer;
    }

    button[type="submit"]:hover {
      background-color: #0069d9;
    }

    .error {
      color: #f44336;
      margin-top: 10px;
    }
  </style>
</head>
<body>


  <form action="auth.php" method="post">
    <label for="username">Username:</label>
    <input type="text" id="username" name="username" required>

    <label for="password">Password:</label>
    <input type="password" id="password" name="password" required>

    <button type="submit">Login</button>
    <?php
    // check if an error message was passed in the URL
    if (isset($_GET['error'])) {
      $error_message = $_GET['error'];
      echo '<p class="error">' . $error_message . '</p>';
    }
    ?>
  </form>

</body>
</html>
Editor is loading...