CSRF is the attack that forces end-user to execute unwanted action.
Injection point for CSRF
1) CSRF on Logout Page (Get based) If you send CSRF HTML code to victim and victim directly gets logout than there is CSRF based vulnerability.
STEPS
Click on the logout button while keeping intercept on in burpsuite.
As soon as you get corresponding output, for the logout button in burpsuite Right Click, Go to engagement tools and click on generate CSRF Load.
Copy HTML code, create a new notepad file, paste the code and save with extension .
HTML Now when Victim opens this file then he or she will directly get log out of the logged-in account.
2) CSRF on Login Page.
Enter Username and Password and intercept it.
Follow steps 2 and 3 from above.
Now when Victim opens this file then he or she will directly get logged in.
3) CSRF on Business Logic
Go on the Support page, where there is a contact form.
Fill out the contact form and keep the intercept on in burpsuite.
Press submit in the form and go to burpsuite.
Follow steps 2 and 3 from (1) and when you open that saved HTML page, the message is directly sent.
Comments