CSRF stands for Cross-Site Request Forgery, also known as a one-click attack, session riding, or XSRF. It is a type of malicious exploit of a website in which unauthorized commands are sent from a user that the website trusts. Unlike cross-site scripting (XSS), which exploits the trust a user has in a particular site, CSRF exploits the trust that a site has in a user's browser. Here I will show a simple working example of CSRF exploitation.
CSRF Exploitation on DVWA
We're using a localhost server with the vulnerable website DVWA.
By default, the credentials for DVWA are admin: password. As you can see, I have used them to log in to DVWA. Just log in by entering the username and password, as shown below.
After logging in, click the CSRF button in the left tab. Once you hit the button, you'll see a page for changing the password, like this.
Change the password to anything you like. After you hit the Change button, click on View Page Source.
Now copy and paste the marked HTML code above into a text file. If you know HTML, the markup in Notepad is easy to understand: it creates a form that resets the password of a web page. Save the file as csrf.html; you may name the file anything you want.
Replace the password and confirm-password input tags with the following strings.
<input type="password" AUTOCOMPLETE="off" name="password_new" value="mynewpassword">
<input type="password" AUTOCOMPLETE="off" name="password_conf" value="mynewpassword">
Now open the saved file in a browser and hit the Change button. When you hit the button, the address bar changes and shows the new password.
Now head back to the DVWA page where you just changed the password and copy the URL as shown in the following image.
Open the csrf.html file again in Notepad and change the form's action to the copied address.
Now open this file in the browser and hit the Change button as in the previous step. It will change the password of the DVWA login.
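The saved form succeeds because the request contains only values anyone can predict, while the browser attaches the logged-in session on its own. The following is an added example, not DVWA's code or part of the original tutorial: a Python sketch of a per-session anti-CSRF token check that rejects such a request. The csrf_token field name, the session ids, the placeholder URL and all function names are assumptions.

```python
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlsplit

# Assumption: a server-side secret, generated at start-up for this sketch.
SERVER_SECRET = secrets.token_bytes(32)
# Constructed sample request, shaped like the one csrf.html sends.
# The host and path are placeholders, not DVWA's real URL.
FORGED_URL = ("http://localhost/placeholder/"
              "?password_new=mynewpassword&password_conf=mynewpassword")


def _mac(session_id: str, nonce: str) -> str:
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()


def issue_token(session_id: str) -> str:
    """Token the server embeds as a hidden field in its own form."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def token_is_valid(session_id: str, token: str) -> bool:
    """Recompute the MAC for this session and compare in constant time."""
    nonce, sep, sent_mac = token.partition(".")
    if not (sep and nonce and sent_mac):
        return False
    expected = _mac(session_id, nonce)
    return hmac.compare_digest(expected.encode(), sent_mac.encode())


def handle_password_change(session_id: str, url: str) -> str:
    """Honour the request only if it carries this session's token."""
    params = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    # csrf_token is a hypothetical field name chosen for this example.
    if not token_is_valid(session_id, params.get("csrf_token", "")):
        return "rejected: missing or invalid CSRF token"
    new, conf = params.get("password_new"), params.get("password_conf")
    if not new or new != conf:
        return "rejected: passwords do not match"
    return "password changed"


def demo():
    sid = "session-A"  # constructed session id
    genuine = FORGED_URL + "&csrf_token=" + issue_token(sid)
    return (handle_password_change(sid, FORGED_URL),
            handle_password_change(sid, genuine))
```

A token issued for a different session also fails the check, because the MAC is computed over the session id.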
This is only a simple tutorial on CSRF on a local machine to show how it works. This tutorial does not intend to harm any third-party website. I hope it made clear how CSRF exploitation works.