Author Topic: CSRF Exploitation (Read 960 times)

h4ck3r1987 · « **on:** February 06, 2016, 06:56:51 pm »

Hi all,

I have a some query can any one clear my doubts with example.

Q: How can i exploit it If CSRF Token travel in url on post request ?

blindfuzzy · « **Reply #1 on:** February 07, 2016, 08:25:33 pm »

Quote from: h4ck3r1987 on February 06, 2016, 07:03:05 pm

Ummm, GET and POST requests can be easily made through HTML forms, images, script tags etc... I'd worry less about CSRF exploitation if you are asking that question. You need to do some research.

neoxquick · « **Reply #2 on:** February 08, 2016, 02:39:04 am »

here is link:
http://www.mcafee.com/sg/resources/white-papers/wp-csrf-attack-defense.pdf

read it .. i think it can help you ..

bye N

x40a0e · « **Reply #3 on:** February 09, 2016, 01:21:18 am »

If there is a CSRF token (sounds like there is) it may not be possible. If the token is static and does not change across page loads / sessions, then you should be able to exploit it, but if it is a randomly generated dynamic token, you're basically SOL.

EvilZone

News:

Author Topic: CSRF Exploitation (Read 960 times)

h4ck3r1987

CSRF Exploitation

blindfuzzy

Re: CSRF Exploitation

neoxquick

Re: CSRF Exploitation

x40a0e

Re: CSRF Exploitation