CSRF - Lab #7 CSRF where Referer validation depends on header being present | Short Version

In this video, we cover Lab #7 in the CSRF module of the Web Security Academy. This lab's email change functionality is vulnerable to CSRF. This lab's email change functionality is vulnerable to CSRF. It attempts to block cross domain requests but has an insecure fallback. To solve the lab, we use the exploit server to host an HTML page that uses a CSRF attack to change the viewer's email address.

▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: https://academy.ranakhalil.com/p/web-security-academy-video-series

▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬
CSRF Lab #7 long video: https://www.youtube.com/watch?v=IahwvoSgi0s&ab_channel=RanaKhalil
Notes.txt document: https://github.com/rkhal101/Web-Security-Academy-Series/blob/main/csrf/lab-07/notes.txt
CSRF theory video: https://www.youtube.com/watch?v=7bTNMSqCMI0&ab_channel=RanaKhalil
Web Security Academy Youtube Video Series Release Schedule: https://docs.google.com/spreadsheets/d/16ypyLuDq2DZ1JAz_WvL1ZV-WiDWhvomgrK_1Hux4MFY/edit#gid=0
Web Security Academy: https://portswigger.net/web-security/csrf/lab-referer-validation-depends-on-header-being-present
Rana's Twitter account: https://twitter.com/rana__khalil

Видео CSRF - Lab #7 CSRF where Referer validation depends on header being present | Short Version канала Rana Khalil

security web security owasp open web application security project portswigger web security academy python offensive security bug bounty scripting burp burp suite oswe offensive security web expert csrf cross-site request forgery

Комментарии отсутствуют

Информация о видео

17 октября 2021 г. 22:45:03

00:11:46

Rana Khalil

Теги

Правообладателям

Жалоба на материал Недопустимый материал Нарушение авторских прав

Комментарии

Другие видео канала

CSRF - Lab #7 CSRF where Referer validation depends on header being present | Short Version

Business Logic Vulnerabilities - Lab #2 High-level logic vulnerability | Long Version

Authentication Vulnerabilities - Lab #9 Brute-forcing a stay-logged-in cookie | Short Version

Business Logic Vulnerabilities - Lab #1 Excessive trust in client-side controls | Long Version

Authentication Vulnerabilities - Lab #12 Password brute-force via password change | Short Version

Authentication Vulnerabilities - Lab #6 Broken brute-force protection, IP block | Short Version

SQL Injection - Lab #7 SQL injection attack, querying the database type and version on Oracle

Business Logic Vulnerabilities - Lab #7 Weak isolation on dual-use endpoint | Long Version

Authentication Vulnerabilities - Lab #8 2FA broken logic | Short Version

Business Logic Vulnerabilities - Lab #5 Low Level Logic Flaw | Short Video

Business Logic Vulnerabilities - Lab #6 Inconsistent handling of exceptional input | Short Video

Business Logic Vulnerabilities - Lab #4 Flawed enforcement of business rule | Short Version

Business Logic Vulnerabilities - Lab #7 Weak isolation on dual-use endpoint | Short Version

Command Injection - Lab #3 Blind OS command injection with output redirection | Long Version

SQL Injection - Lab #15 Blind SQL injection with out-of-band interaction

Directory Traversal - Lab #5 File path traversal, validation of start of path | Long Version

CORS - Lab #4 CORS vulnerability with internal network pivot attack | Long Video

Business Logic Vulnerabilities - Lab #3 Inconsistent security controls | Long Version

Broken Access Control - Lab #12 Multi-step process with no access control on one step | Long Version

Broken Access Control - Lab #2 Unprotected admin functionality with unpredictable URL | Long Version

Authentication Vulnerabilities - Lab #9 Brute-forcing a stay-logged-in cookie | Long Version

Authentication Vulnerabilities - Lab #5 Username enumeration via response timing | Long Version