CSRF - Lab #5 CSRF where token is tied to non-session cookie

CSRF - Lab #5 CSRF where token is tied to non-session cookie | Long Version

Рет қаралды 11,107

Күн бұрын

Пікірлер

@RanaKhalil101 3 жыл бұрын

Don't want to wait for the weekly release schedule to gain access to all the CSRF videos and want to be added to a discord server where you can ask questions? Make sure to sign up to my course! academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨

@gsingh8857 7 ай бұрын

Well explained. Thank you so much for helping the community

@karthikbt7239 Жыл бұрын

@11:16 doesn't the csrf token change when we inspect element and reload? How is the older csrf tied to the new session?

@dhoomchutad2111 11 күн бұрын

that is the vulnerability, the csrf token is not tied to user session and that's how we are able to perform this attack. Had the csrf token which here is passed in the body is properly tied to victim session, then we couldn't pull off this attack.

@karthikbt7239 11 күн бұрын

@@dhoomchutad2111 Got it thank you for the response

@cowid 6 ай бұрын

I must have spent 12 hours on that lab. No kidding. I always hit a "Invalid csrf token" no matter what I try.

@praveennegi7309 2 ай бұрын

use this SameSite=None in cookie , like this hi%0d%0aSet-Cookie:%20csrfKey=zBbP6cvSAcvCuuDJflETvb4SD0vdfRMO%3B%20SameSite%3dNone

@Daniel2005D 10 ай бұрын

I try to do this lab, but it doesn't work, I have replicated all the ones in your video, but it doesn't work, either.

@Luis-e2t 3 ай бұрын

same problem

@praveennegi7309 2 ай бұрын

use this SameSite=None in cookie , like this hi%0d%0aSet-Cookie:%20csrfKey=zBbP6cvSAcvCuuDJflETvb4SD0vdfRMO%3B%20SameSite%3dNone

@samkoske1345 8 ай бұрын

Thank you so much for these extremely helpful videos! I can tell you put alot of work into them.

@pranjalruhela1103 Жыл бұрын

tried 10s of times i didnt get it solved............but it worked when I used the SameSite=None appended in the src attribute

@NazibHasanRobin Жыл бұрын

i am trying very hard. but every time when I test it in browser it shows my csrf token is invalid. but everything is ok i did exactly how you showed in the video. everything and every step is ok. csrf key and cookie is also ok but at the end it shows my csrf token is invalid

@tbjehad106 Жыл бұрын

same here

@gopikanna_ Жыл бұрын

Same issue here, I think there is a issue in portswigger side

@Crazycom1 Жыл бұрын

Same here

@maximeancelin827 Жыл бұрын

Just found it, when you set your crsf cookie on the

@pclee594 9 ай бұрын

@@maximeancelin827 I used the method you described, but the email address was still not modified successfully ("Invalid CSRF token"). But the commit got "Congratulations, you solved the lab!" , so I think it's a problem on the portswigger side

@yusufix666 16 күн бұрын

i did but when i click view exploit it runs correctly but when i click to deliver exploit to victim its not working what is the reason ?

@wanishoaib_ Жыл бұрын

I am not able to use fetch(). It is giving CORS error. But why does it work this way?? Can anyone help!

@youssefblt9839 8 ай бұрын

ur vids r wonderfull thanks for the simplifying to us

@acronproject Жыл бұрын

Thank you Mrs.Khalil

@user-jv1we6pu8j 3 жыл бұрын

Thanks for the detailed explanation and methodology. Helps a lot👍

@walidgasmi2224 3 жыл бұрын

you are the best in explaining things , are you gonna do the xss and xxe serie , it will be amazing thank you so much

@tskdkrkrk 3 жыл бұрын

Hi I have query why are we using the search functionality in this lab ?

@ishikasharma1103 2 жыл бұрын

Thanks for the amazing explanation!!!❤❤

@معینرضایی-ف5ظ 3 жыл бұрын

thank for your amazing course

@sebasg.8295 2 жыл бұрын

No entendí, esperaba que cargaras el código HTML malicioso en el servidor de explotación de burpsuite.

@ananthavijay.m5711 3 жыл бұрын

I get the error "invalid csrf token", upon checking burp, the post request is made with the original csrfkey and not the attacker's (another account) csrfkey. Can anyone help me

@xoro163 2 жыл бұрын

dont take the csrf token from burp . when you login to the carlos account right click (inspect)on the update email button and there you will see a hidden input contains csrf token (or search "csrf" on the konsole)take that and it will work.

@ananthavijay.m5711 2 жыл бұрын

@@xoro163 Thank you!

@xoro163 2 жыл бұрын

i did everything correct.when i click on the view exploit from the exploit server it changed the email but when i click the delver to victim button after storing it , it wont solve the lab.i dont know whats happening

@NarendraS 2 жыл бұрын

dude same thing happening to me rn how did you do it? did you finish the lab?

@VBFilms Жыл бұрын

@@NarendraS Could be a bug? I tried several methods that should work but to no avail. Might just be broken lab atm.

@manoamar4003 10 ай бұрын

@@VBFilmswhat now the problem is again