Hello friends! Welcome to my twisted CSRF labs! These are the CSRF labs with some of the sweetest cheese, but you will have to work for it.
Here are some ground rules:
- 00.php is supposed to be safe; please report all issues to info@thexssrat.com
- You can always go to the file
- These challenges will get progressively harder
- You can always go back to the listing
CSRF 4
Difficulty: Medium+
Goal: Use the exact predictable token and return the flag from an external request.
Hints
- The token value is not random, but it is a little less obvious than in the previous level.
- Use the visible account context shown on the page.
- If a token follows a deterministic naming scheme, the attacker can rebuild it.
Why This Works
Predictable tokens fail for the same reason hard-coded tokens do: the attacker can derive them offline. The server now requires an exact match, but an exact-match check is no defence when the expected value can be recomputed from information the attacker can see, such as the account context shown on the page. A CSRF token only works if it is unguessable: generated from a CSPRNG, tied to the victim's session, and compared server-side against the stored value.
Member reference: member-2
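The following is an added example (not the lab's own code) that models the "Why This Works" point above. It assumes a hypothetical deterministic scheme in which the token is SHA-256 over a fixed prefix plus the visible member reference; the lab's real scheme, the form action `/transfer.php` and the field names are all assumptions, not taken from the page. It shows the attacker rebuilding the token from `member-2` and passing the server's exact-match check, the auto-submitting cross-site form that would deliver it from the victim's browser, and the hardened alternative (random per-session token, constant-time comparison) that the same attacker cannot rebuild.

```python
"""Predictable vs. session-bound CSRF tokens (added example, not lab code)."""
import hashlib
import hmac
import secrets
from html import escape

MEMBER_REF = "member-2"  # the visible account context shown on the lab page


# ---- vulnerable scheme: the token is a pure function of public data ---------
def weak_token(member_ref: str) -> str:
    """Assumed deterministic scheme (hypothetical): sha256('csrf:' + member ref).
    Anything derived only from values the attacker can see is rebuildable."""
    return hashlib.sha256(f"csrf:{member_ref}".encode()).hexdigest()


def weak_server_check(submitted: str, member_ref: str) -> bool:
    """Server insists on an exact match, but recomputes the expected value
    from the same public input the attacker has."""
    return hmac.compare_digest(submitted, weak_token(member_ref))


def attacker_rebuild(member_ref: str) -> str:
    """Attacker reads 'Member reference: member-2' and recomputes offline."""
    return weak_token(member_ref)


def build_csrf_page(action: str, fields: dict) -> str:
    """Auto-submitting form hosted on the attacker's origin. The victim's
    browser attaches its session cookie to the POST; values are HTML-escaped
    so the token lands in the form exactly as computed."""
    inputs = "\n".join(
        f'<input type="hidden" name="{escape(k)}" value="{escape(v)}">'
        for k, v in fields.items()
    )
    return (
        f'<form id="f" method="POST" action="{escape(action)}">\n{inputs}\n</form>\n'
        '<script>document.getElementById("f").submit()</script>'
    )


# ---- hardened scheme: random token bound to the session ---------------------
def issue_token(session: dict) -> str:
    """256 bits from the OS CSPRNG, stored server-side in the session."""
    token = secrets.token_hex(32)
    session["csrf_token"] = token
    return token


def strong_server_check(session: dict, submitted) -> bool:
    """Compare against the stored value only; no token, no match."""
    expected = session.get("csrf_token")
    if expected is None or not isinstance(submitted, str):
        return False
    return hmac.compare_digest(submitted, expected)


def demo() -> dict:
    """Run both schemes against the same attacker and report the outcome."""
    rebuilt = attacker_rebuild(MEMBER_REF)
    # Hypothetical target endpoint and fields (assumed, not from the lab).
    page = build_csrf_page("/transfer.php", {"to": "attacker", "csrf": rebuilt})
    victim_session: dict = {}
    real_token = issue_token(victim_session)
    return {
        "weak_accepts_rebuilt": weak_server_check(rebuilt, MEMBER_REF),
        "weak_rejects_other_member": weak_server_check(
            attacker_rebuild("member-3"), MEMBER_REF),
        "strong_accepts_real": strong_server_check(victim_session, real_token),
        "strong_rejects_rebuilt": strong_server_check(victim_session, rebuilt),
        "page_carries_token": rebuilt in page,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The weak check even uses a constant-time comparison and still fails, which is the point of the level: the comparison is not the weakness, the derivability of the expected value is. In the hardened version the expected value exists only in the victim's session, so no amount of page inspection lets the attacker's form carry a token that will match.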