💻
OSWE Everything
💻
OSWE Everything
  • VULNERABILITIES
    • Type Juggling
    • Cross Site Scripting
      • Hunting for files
    • Insecure Deserialization
      • .NET
    • SQL Injection
      • Blind SQL Injection
      • SQLi debugging
      • Code review
      • Errors and additional information
      • Approaches to leverage different databases
    • XML External Entity (XXE)
      • Types of XML Entities
      • Exploitation
      • Wrappers for errors
      • Post Exploitation
    • OS Command Injection
      • Exploitation
    • Server Side Template Injection
      • Exploitation
    • Authentication Bypass
      • Checklist
  • Unsecure Random Function
    • Exploitation
  • Cross Origin Resource Sharing (CORS)
    • Prerequisites of Exploitation
  • Client Side Request Forgery (CSRF)
    • Prerequisites of Exploitation
  • Exploit Writing
    • Cheatsheet
    • Skeleton Scripts
  • Code review
    • Manual code review
      • Routing
      • Searching for exploits
      • Debugging
    • Decompilation
      • Java
      • .NET
    • Managing the application
      • Identifying application file location
      • Restarting web applications
      • Manipulation of Assembly Attributes for Debugging (.NET)
  • Preparation Machines
    • [HTB] Vault
    • Other HTB scripts
  • ADDITIONAL INFORMATION
    • Sources
  • External Resources
    • WhiteBox Pentest
Powered by GitBook
On this page
  1. Client Side Request Forgery (CSRF)

Prerequisites of Exploitation

Sometimes you can extract the CSRF token using CORS

Prerequisites

  • No CSRF token / Weak generation of CSRF token

  • Samesite value of important Cookie set to None

or

  • No CSRF token / Weak generation of CSRF token

  • Samesite value of important Cookie set to Lax with the following prerequisites

It must use a method that does not facilitate a change on the server (GET, HEAD, OPTIONS).

It must originate from user-initiated navigation, e.g. clicking a link will include the cookie, but requests made by images or scripts will not.

PreviousClient Side Request Forgery (CSRF)NextCheatsheet

Last updated 1 month ago