Hacking OWASP’s Juice Shop Pt. 35: CSRF

Challenge: 

Name: CSRF

Description: Change the name of a user by performing Cross-Site Request Forgery from another origin.

Difficulty: 3 star

Category: Broken Access Control

Expanded Description: https://pwning.owasp-juice.shop/part2/broken-access-control.html

Tools used:

Older Firefox browser

Resources used:

Solutions Guide

CSRF Payloads

Methodology: 

To start out with, let me just say that I wish the expanded description would have directed me to an older version of Firefox like the Solutions Guide did. That would have saved me quite a bit of time.

In the HTML editor (within an older browser), copy/paste the HTML code from the user profile page to the editor, then add in a CSRF payload near the top of the HTML code and enjoy your completed challenge.

[Screenshot: the Real-time HTML Editor at htmledit.squarefree.com, opened in an older Firefox, showing the pasted Juice Shop profile page HTML with an added form posting to http://localhost:3000/profile, an input field, and a script that submits it via document.forms.]

You successfully solved a challenge: CSRF (Change the name of a user by performing Cross-site Request Forgery from another origin.)

Prevention and Mitigation Strategies:

OWASP CSRF Cheat Sheet

Lessons Learned and Things Worth Mentioning: 

I need to spend more time learning about CSRF exploits. Normally I’d have something to say here, but I’m still a little confused as to what exactly happened.
