Hello friends! Welcome to my twisted CSRF labs! These are the CSRF labs with some of the sweetest cheese but you will have to for it.
Here are some ground rules:
- 00.php is supposed to be safe, please report all issues to info@thexssrat.com
- You can always go to the file
- These challenges will get progressively harder
- You can always go back to The listing
CSRF 3
MediumGoal: Return the flag by forging the request with the exact predictable token.
Hints
- The token is not random. It is derived from a visible identifier.
- Look at the page state and ask yourself what the server might be using as the token value.
- A token can be exact and still be useless if anyone can predict it.
Why This Works
A CSRF token only protects the action when it is both secret and bound to the user session. Predictable values, such as a user id or a fixed string, can be reproduced by an attacker and embedded into a forged request.
Visible account id: 2