Page 127 - Hands-On Bug Hunting for Penetration Testers
CSRF and Insecure Session Authentication Chapter 6
Gathering Report Information
Let's walk through the info we need to write our report.
Category
This is a CSRF POST method attack.
Timestamps
For our timestamp, we can use an approximate time for when we first submitted our CSRF
PoC.
URL
In our case, the vulnerable URL is simply the target of the POST action:
http://webscantest.com/csrf/csrfpost.php
Payload
For the PoC snippet we evil-ed up, the dastardly data alteration we made was forcing our
user to select Peasoup as their favorite color. That's what we'll include as our Payload
value.
Methodology
Our PoC was generated programmatically based on information taken from the intercepted
form's HTTP request.
Instructions to Reproduce
For our instructions to reproduce, we can simply provide our CSRF PoC and list the very
simple manual steps involved in submitting the forged form request.

