Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-14 17:07:34 +00:00
Code Issues Projects Releases Packages Wiki Activity

GitBook: [master] one page modified

Browse source
This commit is contained in:
CPol 2020-08-10 09:56:57 +00:00 committed by gitbook-bot
parent 8aa743edcc
commit 5dbd8b749c
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
pentesting-web/csrf-cross-site-request-forgery.md
View file

@ -71,6 +71,10 @@ If the web site contains any **behaviour** that **allows an attacker to set a co
In a further variation on the preceding vulnerability, some applications do not maintain any server-side record of tokens that have been issued, but instead **duplicate each token within a cookie and a request parameter**. When the subsequent request is validated, the application simply verifies that the **token** submitted in the **request parameter matches** the value submitted in the **cookie**.
In this situation, the attacker can again perform a CSRF **attack if the web site contains any cookie setting functionality**.
### Content-Type change
You can change to POST Content-Type to _**application/json, application/x-url-encoded**_ or _**form-multipart**_ and maybe you will be able to bypass the CSRF token.
### Referrer / Origin check bypass
#### Avoid Referrer header