![\"\"](\"http:\/\/malwrforensics.com\/en\/wp-content\/uploads\/2018\/02\/form_no_csrf_token.png\")
<\/p>\nLet’s assume you have created an account and have logged in to a website. Among the options you have, there is one where you can edit your profile. Once we land on that page, we want to check if there is a protection against a CSRF (cross-site request forgery) attack.<\/p>\n
First thing is to view the source and inspect the form.<\/p>\n
<\/p>\n
Immediately you can see one thing that is missing, a random text\/token (usually 8 or more characters). Something like this:<\/p>\n
![\"\"](\"http:\/\/malwrforensics.com\/en\/wp-content\/uploads\/2018\/02\/csrf_token_example.png\")
<\/p>\n
Why is a CSRF token important ? Well, in this case, without a CSRF token, if a user clicks on a link while he\/she is logged in, the profile data can be changed.<\/p>\n
Imagine you are buying something on a website and while you have the items in the cart, you visit a webpage that is able to change your address so when you click on the “Buy” button, the items will be shipped somewhere else. You can find more examples\u00a0here<\/a>.<\/p>\n To see it in action, assuming that you’re using Burp, edit your profile, locate the request in the HTTP history, right click on it and select\u00a0 “Send it to Repeater”.<\/p>\n You can then edit the parameters with new values and submit it. When you refresh the page in the browser, you should be able to see the new values.<\/p>\n","protected":false},"excerpt":{"rendered":" Let’s assume you have created an account and have logged in to a website. Among the options you have, there is one where you can edit your profile. Once we land on that page, we want to check if there is a protection against a CSRF (cross-site request forgery) attack. First thing is to view […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[61,77,49,24],"class_list":["post-215","post","type-post","status-publish","format-standard","hentry","category-security","tag-burp","tag-cross-site-request-forgery","tag-csrf","tag-web-security"],"blocksy_meta":{"styles_descriptor":{"styles":{"desktop":"","tablet":"","mobile":""},"google_fonts":[]}},"featured_image_urls_v2":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":""},"post_excerpt_stackable_v2":" Let’s assume you have created an account and have logged in to a website. Among the options you have, there is one where you can edit your profile. Once we land on that page, we want to check if there is a protection against a CSRF (cross-site request forgery) attack. First thing is to view the source and inspect the form. Immediately you can see one thing that is missing, a random text\/token (usually 8 or more characters). Something like this: Why is a CSRF token important ? Well, in this case, without a CSRF token, if a user clicks…<\/p>\n","category_list_v2":"Security<\/a>","author_info_v2":{"name":"malwrforensics","url":"https:\/\/malwrforensics.com\/en\/author\/u_malwrforensics\/"},"comments_num_v2":"0 comments","_links":{"self":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/posts\/215","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/comments?post=215"}],"version-history":[{"count":3,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/posts\/215\/revisions"}],"predecessor-version":[{"id":276,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/posts\/215\/revisions\/276"}],"wp:attachment":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/media?parent=215"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/categories?post=215"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/tags?post=215"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"\"](\"http:\/\/malwrforensics.com\/en\/wp-content\/uploads\/2018\/02\/csrf_burp_repeater.png\")
<\/p>\n