Hello friends! Welcome to my twisted CSRF labs! These are the CSRF labs with some of the sweetest cheese, but you will have to work for it.
Here are some ground rules:
- 00.php is supposed to be safe; please report all issues to info@thexssrat.com
- You can always go to the file
- These challenges will get progressively harder
- You can always go back to the listing
CSRF 5
Difficulty: Hard
Goal: Get the flag by exploiting a substring-based CSRF token check against a random token.
Hints
- The real token is random, so you cannot predict it exactly.
- The server accepts any token that appears anywhere inside the real token.
- A very short hex substring has a high chance of appearing in a 64-character hex token: a single hex character is present with probability of roughly 98%, and trying all 16 of them is guaranteed to hit.
Why This Works
Comparing tokens with substring logic is not validation. The server turns one strong random secret into many acceptable weak guesses: any fragment of the real token passes, so the attacker never needs the token itself, only a tiny fragment that is likely to occur in it. The check must compare the whole submitted value with the stored token for exact equality (hash_equals() in PHP), rejecting anything shorter than the token, including an empty submission.
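The following Python script is an added illustration of the hint and the explanation above; it is not the lab's code, and the PHP comparison it mimics (strpos($real, $submitted) !== false) is an assumption about how such a check is typically written, not something taken from the lab. It generates a random 64-character hex token, models the substring check beside an exact constant-time check, computes the chance that one guessed fragment of one, two or three hex characters is accepted (analytically and by simulation), and counts how many forged requests a brute force over all fragments needs before one is accepted. The token generator and the seeded simulation are constructed for the experiment.

```python
import hmac
import random
import secrets
from itertools import product

HEX = "0123456789abcdef"
TOKEN_LEN = 64  # 32 random bytes rendered as hex, as in the lab's description


def random_token(rng=secrets.SystemRandom()) -> str:
    """A fresh 64-character hex CSRF token. Pass a seeded random.Random
    to make a simulation repeatable (never do that for a real token)."""
    return "".join(rng.choices(HEX, k=TOKEN_LEN))


def vulnerable_check(real: str, submitted: str) -> bool:
    """Substring comparison (hypothetical; equivalent to PHP's
    strpos($real, $submitted) !== false). Accepts any fragment of the
    real token, down to a single character, so it is not validation."""
    return submitted in real


def safe_check(real: str, submitted: str) -> bool:
    """Whole-value, constant-time comparison; a length mismatch fails."""
    return hmac.compare_digest(real.encode(), submitted.encode())


def candidates(length: int) -> list[str]:
    """Every hex fragment of the given length, in a fixed order: the
    attacker's guess list (16 for length 1, 256 for length 2, ...)."""
    return ["".join(p) for p in product(HEX, repeat=length)]


def attempts_to_forge(real: str, length: int, check=vulnerable_check):
    """Submit each candidate in turn; return the number of forged requests
    needed before one is accepted, or None if every candidate is rejected."""
    for n, guess in enumerate(candidates(length), start=1):
        if check(real, guess):
            return n
    return None


def analytic_single_guess_rate(length: int) -> float:
    """Approximate probability that one fixed fragment of `length` hex
    characters occurs somewhere in a random 64-char token: one minus the
    chance that it matches at none of the 64-length+1 positions (positions
    treated as independent, accurate enough for short fragments)."""
    positions = TOKEN_LEN - length + 1
    return 1 - (1 - 16 ** -length) ** positions


def simulated_single_guess_rate(length: int, trials: int = 2000, seed: int = 1) -> float:
    """Monte Carlo: how often does one random guessed fragment pass
    vulnerable_check against a fresh random token? Seeded for repeatability."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        real = random_token(rng)
        guess = "".join(rng.choices(HEX, k=length))
        hits += vulnerable_check(real, guess)
    return hits / trials


if __name__ == "__main__":
    real = random_token()
    print("real token:", real)
    for length in (1, 2, 3):
        print(f"{length}-char guess: analytic {analytic_single_guess_rate(length):.3f}, "
              f"simulated {simulated_single_guess_rate(length):.3f}, "
              f"forged after {attempts_to_forge(real, length)} of {16 ** length} attempts")
    print("same brute force against safe_check:", attempts_to_forge(real, 1, safe_check))
```

Every 64-character token contains at least one hex digit, so a CSRF page that cycles through the 16 single-character guesses (16 forged requests at most) always gets one accepted by the substring check, while the exact comparison rejects all of them.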