Prerequisites of Exploitation

Prerequisites

Response headers that must be present:

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: (the method type we want to use)
Access-Control-Allow-Credentials: true

Access-Control-Allow-Origin

This works only in some cases where the application is misconfigured.

If the response does not carry Access-Control-Allow-Origin: *, send the request header:

Origin: http://evil.com

to specify your own origin and see whether the response accepts it.

Access-Control-Allow-Methods

Sometimes the request method that performs the important action is not allowed. In that case, try triggering the endpoint with a different request method and see what happens.

Access-Control-Allow-Credentials

This header lets the cross-origin request carry the victim's cookies, so the request is made as an authenticated user. Without it you cannot reach functionality that requires a logged-in user.
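The three header conditions above can be checked mechanically. The following is an added example, not code from the original page: an audit function that classifies a response's CORS headers as seen from a given request origin, plus a small allowlist-based builder showing the configuration a server should emit instead. The origins, the allowlist and the header dictionaries are constructed for illustration; the probe origin http://evil.com is the one used on the page. The classification relies on one browser rule the page does not state: a browser refuses to expose a credentialed response when Access-Control-Allow-Origin is "*", so that combination is a misconfiguration but not a cross-origin read.

```python
"""Audit CORS response headers and build a safe allowlist-based reply.

Added example: header names are real, but the sample origins, allowlist and
header values below are constructed for illustration.
"""

WILDCARD = "*"


def _get(headers, name):
    # HTTP header names are case-insensitive, so match on lowercase.
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def allowed_methods(response_headers):
    """Return the set of methods the response advertises (empty if none)."""
    raw = _get(response_headers, "Access-Control-Allow-Methods") or ""
    return {m.strip().upper() for m in raw.split(",") if m.strip()}


def assess_cors(request_origin, response_headers):
    """Classify the CORS headers for a request sent from `request_origin`.

    `request_origin` should be an origin the application has no reason to
    trust (a probe such as http://evil.com), otherwise an echoed origin may
    simply be a legitimate allowlist entry.

    Returns (verdict, reason):
      "credentialed-reflection": probe origin echoed AND credentials allowed;
          authenticated responses are readable from that origin.
      "wildcard-credentials": "*" AND credentials allowed; browsers block the
          credentialed read, but the server is misconfigured and should be fixed.
      "public": "*" without credentials; only anonymous responses are exposed.
      "reflected": probe origin echoed without credentials.
      "restricted": the probe origin gets no cross-origin read.
    """
    acao = _get(response_headers, "Access-Control-Allow-Origin")
    acac_raw = _get(response_headers, "Access-Control-Allow-Credentials") or ""
    credentials = acac_raw.strip().lower() == "true"

    if acao is None:
        return "restricted", "no Access-Control-Allow-Origin header"
    if acao == WILDCARD:
        if credentials:
            return "wildcard-credentials", "wildcard origin combined with credentials"
        return "public", "wildcard origin: any site can read anonymous responses"
    if acao == request_origin:
        if credentials:
            return "credentialed-reflection", "probe origin reflected with credentials"
        return "reflected", "probe origin reflected without credentials"
    return "restricted", f"origin {request_origin!r} not allowed (ACAO={acao!r})"


def safe_cors_headers(request_origin, allowlist, allow_credentials=True,
                      methods=("GET", "POST")):
    """Build the headers a server should send: echo the origin only when it is
    in an explicit allowlist, never "*" together with credentials, and always
    "Vary: Origin" so shared caches do not serve one origin's headers to another."""
    if request_origin not in allowlist:
        return {"Vary": "Origin"}
    headers = {
        "Access-Control-Allow-Origin": request_origin,
        "Access-Control-Allow-Methods": ", ".join(methods),
        "Vary": "Origin",
    }
    if allow_credentials:
        headers["Access-Control-Allow-Credentials"] = "true"
    return headers


if __name__ == "__main__":
    probe = "http://evil.com"  # origin from the page, used as the untrusted probe
    weak = {  # constructed: the configuration the page describes as exploitable
        "Access-Control-Allow-Origin": probe,
        "Access-Control-Allow-Methods": "GET, POST, DELETE",
        "Access-Control-Allow-Credentials": "true",
    }
    print("weak:", assess_cors(probe, weak), sorted(allowed_methods(weak)))
    fixed = safe_cors_headers(probe, allowlist={"https://app.example"})
    print("fixed:", assess_cors(probe, fixed))
```

Run the audit against responses captured from your own application with an origin that should never be trusted; anything other than "restricted" or "public" is a finding, and the "wildcard-credentials" verdict is worth fixing even though browsers do not expose it, because the configuration signals that origin handling was never designed.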
