Monday 18 March 2013

Cross Site Request Forgery (CSRF) Attack Tutorial




What is Cross-Site Request Forgery (CSRF)?

Cross-site request forgery (XSRF or CSRF) is a method of attacking a web site in which an intruder masquerades as a legitimate and trusted user. An XSRF attack can be used to modify firewall settings, post unauthorized data on a forum or conduct fraudulent financial transactions. A compromised user may never know that such an attack has occurred. If the user does find out about an attack, it may only be after the damage has been done and a remedy may be impossible.

An XSRF attack can be executed by stealing the identity of an existing user and then hacking into a Web server using that identity. An attacker may also trick a legitimate user into unknowingly sending Hypertext Transfer Protocol (HTTP) requests that return sensitive user data to the intruder.



Requirements







How to Perform a CSRF Attack



1. # Set up your pen-testing lab using DVWA

  • Create a pen-test lab using DVWA.
  • Start DVWA and change the Security Level to "Low".

  • Select "CSRF" from the left navigation menu.



2. # Now it's time to perform the CSRF attack.
  • Basic CSRF vulnerability test.
  • The default password of DVWA is "password".
  • Change the current password to any new password.








  • After changing the password, do not click anywhere on the DVWA page; you will get a message confirming the password change, as shown in the image below.








  • But what is the real purpose of this step? What did we gain from it? The most important thing in this CSRF attack is the URL: after getting the password-changed message, look at the URL of the page.














  • See how the URL string has the two parameters below, separated by a "&".

    a. password_new=w0rm
    b. password_conf=w0rm
  • This is DVWA's example of a bad implementation of a password change in a web application, for the following reasons:
    a. HTTP is used instead of HTTPS, which means this password change was sent in clear text.
    b. An attacker could manipulate the URL string using the address bar or curl to change the password.

  • # Now it's time for the address bar CSRF test.
  • In the URL, after password_new=, replace w0rm with w0rm3d.
  • In the URL, after password_conf=, replace w0rm with w0rm3d.
  • Now reload the page.
  • The password will now be changed :)

  • Now copy that URL into Notepad.












  • A CSRF vulnerability is very serious: it can be used to change the admin password or any user's password, together with cookie stealing or SET attacks.
  • CSRF vulnerabilities are typically found in HTML forms or pages. Using that URL, you do not need authentication permission and you can exploit the CSRF vulnerability.
  • The URL we got after the second step is the CSRF vulnerability, which can be exploited.
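
The flaw walked through above, a password change driven entirely by GET parameters with nothing tying the request to a form the site itself served, shown next to a hardened handler. This is an added example, not DVWA's code or part of the original post; the URL, session ID, `csrf_token` field name and function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlsplit

SERVER_KEY = secrets.token_bytes(32)  # per-process signing secret (assumption)

# Constructed sample: the kind of URL the tutorial copies from the address bar.
FORGED_URL = "http://lab.example/csrf/?password_new=w0rm3d&password_conf=w0rm3d"
SESSION_ID = "sess-constructed-1234"  # constructed; stands in for the victim's cookie


def issue_token(session_id: str) -> str:
    """CSRF token bound to one session; the site embeds it in its own form."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def change_password_weak(method: str, url: str):
    """Low-security behaviour: the query string alone drives the change."""
    q = parse_qs(urlsplit(url).query)
    new = q.get("password_new", [""])[0]
    conf = q.get("password_conf", [""])[0]
    return (True, "changed") if new and new == conf else (False, "mismatch")


def change_password_hardened(method: str, form: dict, session_id: str):
    """Same operation, but POST-only and gated on a valid per-session token."""
    if method != "POST":
        return (False, "state change must use POST")
    sent = form.get("csrf_token", "").encode()  # hypothetical hidden field name
    expected = issue_token(session_id).encode()
    if not hmac.compare_digest(sent, expected):  # constant-time comparison
        return (False, "missing or invalid CSRF token")
    new, conf = form.get("password_new", ""), form.get("password_conf", "")
    return (True, "changed") if new and new == conf else (False, "mismatch")


if __name__ == "__main__":
    fields = {"password_new": "w0rm3d", "password_conf": "w0rm3d"}
    print(change_password_weak("GET", FORGED_URL))
    print(change_password_hardened("POST", fields, SESSION_ID))
    fields["csrf_token"] = issue_token(SESSION_ID)
    print(change_password_hardened("POST", fields, SESSION_ID))
```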
