Posts

Showing posts from July, 2022

Bypass CSRF-Token Verification

A few ways to bypass CSRF token verification:

1. Use a blank CSRF token value.
2. Remove the CSRF token parameter from the request entirely.
3. Use any random CSRF token of the same length as a real one.
4. Create another user account, copy its CSRF token and use it in a request against the victim's account. If the request is accepted, the token is not bound to the user's session.
5. Try to decode the CSRF token. If it is only an encoding (for example Base64) of predictable data such as a username, user ID or timestamp, rather than a random value, a valid token can be generated for other users.
6. Change the request method, e.g. from POST to GET. The action may be accepted over both methods, and the GET path may not require a token at all.

Adding:

- Try referrer-based bypasses: if the application relies on the Referer header instead of (or in addition to) a token, check whether a missing Referer or an attacker-controlled value is accepted.
- Check whether CSRF tokens expire properly, i.e. whether an old token is still accepted after logout or after a new token has been issued.

Note on old CSRF token re-use: exploiting it requires physical access to the machine, and the account must still be logged in at the time the attacker accesses the device. It is a very low severity finding.
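The checklist above, as an added example that is not code from the original post: a constructed toy "change e-mail" endpoint in a weak and a hardened version, the bypass attempts from items 1 to 6 run against both, and a helper for item 5 (a token that is only Base64 of predictable data). All handler names, the session layout and the token format are assumptions made for this example.

```python
import base64
import hmac
import secrets

# Constructed example, not the original post's code. Sessions are plain dicts;
# a handler returns an HTTP-like status code and mutates the session on success.


def issue_token(session):
    """Per-session random token, as a hardened app would issue it."""
    session["csrf"] = secrets.token_hex(16)
    return session["csrf"]


def vulnerable_handler(method, params, session):
    """Weak verification, one bug per checklist item:
    the token is only checked on POST (item 6), a blank or missing token skips the
    check (items 1 and 2), and the comparison only looks at the length (items 3, 4)."""
    if method == "POST":
        submitted = params.get("csrf")
        if submitted:  # blank "" or missing None falls through unchecked
            if len(submitted) != len(session["csrf"]):
                return 403
    session["email"] = params["email"]
    return 200


def hardened_handler(method, params, session):
    """Only POST is accepted, a token is mandatory, and it must match the token
    of *this* session in a constant-time comparison."""
    if method != "POST":
        return 405
    submitted = params.get("csrf")
    if not submitted or not hmac.compare_digest(submitted, session["csrf"]):
        return 403
    session["email"] = params["email"]
    return 200


def bypass_attempts(victim_token, attacker_token):
    """Checklist items 1-4 and 6 as (name, method, params) tuples."""
    evil = {"email": "attacker@example.com"}
    return [
        ("blank token", "POST", {**evil, "csrf": ""}),
        ("token removed", "POST", evil),
        ("random same length", "POST",
         {**evil, "csrf": secrets.token_hex(len(victim_token) // 2)}),
        ("another user's token", "POST", {**evil, "csrf": attacker_token}),
        ("POST changed to GET", "GET", evil),
    ]


def run_attempts(handler):
    """Return the names of the attempts that changed the victim's e-mail."""
    victim, attacker = {"email": "victim@example.com"}, {}
    victim_token = issue_token(victim)
    attacker_token = issue_token(attacker)
    successes = []
    for name, method, params in bypass_attempts(victim_token, attacker_token):
        session = dict(victim)  # fresh copy of the victim's session for each try
        if handler(method, params, session) == 200 \
                and session["email"] == "attacker@example.com":
            successes.append(name)
    return successes


def forge_encoded_token(user_id):
    """Item 5: a token that is merely Base64 of predictable data ("user:<id>",
    an assumed format) can be produced for any user without a session."""
    return base64.b64encode(f"user:{user_id}".encode()).decode()


def decode_token(token):
    """Item 5 check: return the decoded text if the token is valid Base64 of
    printable text, otherwise None (a random token normally fails here)."""
    try:
        decoded = base64.b64decode(token, validate=True).decode("ascii")
    except (ValueError, UnicodeDecodeError):
        return None
    return decoded if decoded.isprintable() else None


if __name__ == "__main__":
    print("weak handler accepted:", run_attempts(vulnerable_handler))
    print("hardened handler accepted:", run_attempts(hardened_handler))
    print("forged token decodes to:", decode_token(forge_encoded_token(42)))
```

Against a real target the same five requests are replayed with an intercepting proxy; the script only shows what each weak check looks like from the server side and why a per-session random token, a mandatory presence check and a constant-time comparison close all of them at once.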

LFI-LFD-RFI-Path Traversal

Local File Inclusion (LFI): A file inclusion vulnerability allows an attacker to include a file, usually by exploiting a dynamic file inclusion mechanism implemented in the target application. The vulnerability occurs because user-supplied input is used to build the file path without proper validation. It is also described as the process of including files that are already present locally on the server by exploiting the vulnerable inclusion code in the application.

PHP functions that can result in LFI:
1- include()
2- include_once()
3- require()
4- require_once()

Local File Disclosure (LFD): The attacker can read (disclose) the contents of a local file, but the file is not executed. That is the difference from LFI: a local file inclusion vulnerability executes the contents it includes, like PHP's include() function, while a local file disclosure vulnerability only discloses the contents of the local file.

Note: Every LFI can be used as an LFD (the included file's contents end up in the response, for example by reading a source file through the php://filter wrapper), but not every LFD is an LFI. Reconsider your definition of loc...
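The distinction above, as an added example that is not code from the original post: a constructed disclosure primitive (read only), a constructed inclusion primitive (the file is executed, with Python's exec standing in for PHP's include()), a path traversal through both, and the realpath check that keeps a user-supplied name under the intended directory. The temporary directory layout, file names and the "secret" content are all constructed for this example.

```python
import os
import tempfile

# Constructed example, not the original post's code. Python's exec stands in for
# PHP's include(): the difference between LFD and LFI is whether the file is
# merely returned or actually executed.


def disclose(base_dir, name):
    """LFD primitive: returns the text of base_dir/name. Nothing runs."""
    with open(os.path.join(base_dir, name)) as f:
        return f.read()


def include(base_dir, name):
    """LFI primitive: evaluates the file as code and returns its namespace.
    Every LFI is also an LFD because the file must be read before it runs."""
    namespace = {}
    exec(compile(disclose(base_dir, name), name, "exec"), namespace)
    return namespace


def safe_path(base_dir, name):
    """Hardened resolution: canonicalise and require the result to stay under
    base_dir. Returns the resolved path, or None if it escapes (../, absolute
    paths and symlinks out of the directory are all caught by realpath)."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, name))
    if os.path.commonpath([base, target]) != base:
        return None
    return target


def demo():
    """Build a small tree and show both primitives with and without traversal."""
    root = tempfile.mkdtemp()
    pages = os.path.join(root, "pages")
    os.mkdir(pages)
    with open(os.path.join(pages, "home.py"), "w") as f:
        f.write("title = 'home'\n")              # constructed "page" with code
    with open(os.path.join(root, "secret.txt"), "w") as f:
        f.write("db_password=hunter2\n")         # constructed secret outside pages/
    return {
        # traversal through the read primitive: contents leak, nothing executes
        "lfd": disclose(pages, "../secret.txt"),
        # the include primitive executes what it loads
        "lfi": include(pages, "home.py")["title"],
        # the hardened resolver rejects traversal and absolute paths
        "traversal_blocked": safe_path(pages, "../secret.txt") is None,
        "absolute_blocked": safe_path(pages, "/etc/passwd") is None,
        "normal_allowed": safe_path(pages, "home.py") is not None,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The resolver is the check that matters: a blocklist of "../" fails on encodings and on absolute paths, while comparing realpath() results against the canonical base directory handles both and also symlinks that point outside it.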