Damn Vulnerable Web App - CSRF with OWASP CSRFTester.

4,821 views

Uploaded on Jan 16, 2011

Good evening and welcome to my demonstration.

Tonight I will be attacking the CSRF Section of the DVWA.

I'll be using Firefox, FireBug, FoxyProxy, OWASP's CSRFTester and good ol' Kate all available in the awesome Back|Track4.

I'll capture a genuine HTTP request to change password, using CSRFTester and FoxyProxy; then edit the HTTP request from GET to POST with Kate - to show the proof of concept, I'll then open this edited HTTP request with Firefox and forge a password request from the Web Application.

During the password change, I'll edit the page with FireBug to show the password change.

Hope you enjoy and check out http://defensive-attack-formation.net for more research.

d3m0n35
