Page 120 - Hands-On Bug Hunting for Penetration Testers

Chapter 6: CSRF and Insecure Session Authentication

CSRF - An End-to-End Example

Let's take another look at a CSRF vulnerability on webscantest.com. Here's the form we'll be testing:

Simple enough. Fire up the Burp proxy, make sure the Intercept feature is on, and fill in the form with a nice test value: