CSRF
Last updated
Last updated
ObjectiveYour task is to make the current user change their own password, without them knowing about their actions, using a CSRF attack.
There are no measures in place to protect against this attack. This means a link can be crafted to achieve a certain action (in this case, change the current users password). Then with some basic social engineering, have the target click the link (or just visit a certain page), to trigger the action. Spoiler: ?password_new=password&password_conf=password&Change=Change.
Let's click on the Test Credentials
button and enter password
as the password.
We can now set the password to any other value let's say password123
and intercept the request using Burpsuite.
As we can see, the passwords are being used in the URI.
We can use the following URL and set the password back to password
.