CSRF is the abbreviation of Cross-Site Request Forgery, also known by other names such as one-click attack, session riding or XSRF. It is a type of malicious exploit of a website in which unauthorized commands are submitted on behalf of a user the website trusts. Unlike cross-site scripting (XSS), which exploits the trust a user has in a particular site, CSRF exploits the trust that a site has in a user's browser. I will show a simple working example of CSRF exploitation here to illustrate how it works.
CSRF Exploitation on DVWA
- We're using a localhost server with the vulnerable website DVWA.
- By default the credentials for DVWA are admin:password. As you can see, I have used them to log in to DVWA. Just log in by entering the username and password as shown below.
- After logging in, click the CSRF button on the left tab. Once you click it, you'll see a page to change the password, like this.
- Just change the password to anything you like. After you hit the Change button, click View Page Source.
- Now copy the marked HTML code above into a text file. If you are familiar with HTML, the following syntax in the text file will be simple to understand: it creates a form that resets the password of the web page. Save the file as csrf.html (you may name it anything you want).
- Just replace the password and confirm password input tags with the following strings:
<input type="password" AUTOCOMPLETE="off" name="password_new" value="mynewpassword">
<input type="password" AUTOCOMPLETE="off" name="password_conf" value="mynewpassword">
- Now open the saved file in the browser and hit the Change button. Once you do, you'll see the new password appear in the address bar.
- Now head back to the DVWA page where you just changed the password and copy the URL, as shown in the following image.
- Open the csrf.html file again in Notepad and change the form's action to the copied address.
- Now open this file in the browser and hit the Change button as in the previous step. It will change the DVWA login password.
That's only a simple tutorial of CSRF on a local machine to show how it works. This tutorial does not intend to harm any third-party website. I hope it made clear how CSRF exploitation works.
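Why the csrf.html form above works, and what stops it, as an added example that is not part of this tutorial or of DVWA's own code: a small Python model of the password-change handler in its low-security form next to a hardened form that checks the method, the Origin header and a per-session token. The parameter names password_new/password_conf come from the form above; the Session and Request classes, the user_token field, SITE_ORIGIN and the in-memory password store are assumptions for this example.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Constructed in-memory model of a DVWA-style password-change endpoint; not DVWA's
# code. Session, Request, SITE_ORIGIN and the user_token field are assumptions.
SITE_ORIGIN = "http://localhost"
passwords = {"admin": "password"}  # DVWA default credentials from the tutorial

@dataclass
class Session:
    user: str
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(16))

@dataclass
class Request:
    method: str
    session: Session               # browser attaches the session cookie automatically
    params: dict
    origin: Optional[str] = None   # Origin header; None when absent (e.g. a file:// page)

def _matching_new_password(params: dict) -> Optional[str]:
    new, conf = params.get("password_new"), params.get("password_conf")
    return new if new and new == conf else None

def vulnerable_change_password(req: Request) -> bool:
    """Low security: any request with matching fields is honoured, wherever the form lives."""
    new = _matching_new_password(req.params)
    if new is not None:
        passwords[req.session.user] = new
    return new is not None

def protected_change_password(req: Request) -> bool:
    """Hardened: POST only, same-site Origin, and a per-session token a foreign page cannot read."""
    if req.method != "POST" or req.origin != SITE_ORIGIN:
        return False
    if not hmac.compare_digest(req.params.get("user_token", ""), req.session.csrf_token):
        return False
    return vulnerable_change_password(req)  # field check and update are the same from here

def demo() -> tuple:
    """Replays the tutorial's csrf.html submission against both handlers."""
    session = Session(user="admin")
    fields = {"password_new": "mynewpassword", "password_conf": "mynewpassword"}
    forged = Request("GET", session, dict(fields))  # no token, no Origin: the tutorial's form
    legit = Request("POST", session, {**fields, "user_token": session.csrf_token}, origin=SITE_ORIGIN)
    return (vulnerable_change_password(forged), protected_change_password(forged),
            protected_change_password(legit))
```

demo() returns (True, False, True): the forged submission changes the password on the low-security handler, is rejected by the hardened one, and a genuine same-site submission carrying the token still succeeds.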