
WEB & MOBILE SECURITY LAB

20CSP-338
Submitted for the requirement of

Lab Course

Bachelor Degree of Engineering

COMPUTER SCIENCE & ENGINEERING

Submitted to: Er. Jayesh Surana
Submitted by: Akshat Chauhan (20BCS5931)

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING


CHANDIGARH UNIVERSITY, GHARUAN
August-December 2022
LAB INDEX

NAME: Akshat Chauhan UID: 20BCS5931


SUBJECT NAME: WMS Lab SUBJECT CODE: 20CSP-338
Class/Section: 619/A

Evaluation columns: LW (12), VV (8), FW (10), Total (30)

Sr. No. | Program                                                    | Date       | LW (12) | VV (8) | FW (10) | Total (30) | Sign
1.      | Identify HTTP packet on a monitoring tool like Wireshark.  | 09/08/2022 |         |        |         |            |
2.      | Design a method to simulate HTML injection and cross-site  | 16/08/2022 |         |        |         |            |
        | scripting to exploit the attackers.                        |            |         |        |         |            |
3.      | Understand how to find CSRF vulnerability.                 | 28/08/2022 |         |        |         |            |

ii
Param Sahai
20BCS5964
Experiment 1.3

1. Aim/Overview of the practical:


To understand how to find CSRF Vulnerability.

2. Task to be done/ Which logistics used:


To exploit a website using cross-site request forgery.
CSRF: Cross-Site Request Forgery (CSRF) is an attack that forces an authenticated user to submit a request to a
web application against which they are currently authenticated. CSRF attacks exploit the trust a web application
has in an authenticated user (conversely, cross-site scripting (XSS) attacks exploit the trust a user has in a
particular web application). A web application is vulnerable to CSRF if it cannot differentiate between a request
the user intentionally made and a request issued from the user's browser without their consent.

ATTACK SURFACES: The attack surface for CSRF consists mostly of HTTP requests that change something tied to
the victim, for example their name, email address, website or even password. CSRF is sometimes also used to alter
the authentication state itself (login CSRF, logout CSRF); these variants are less severe but can still be
problematic in some cases.

EXPLOITATION:
Consider a target website target.com and the attacker's website evil.com. Also assume that the victim is logged in
to target.com and that the session is maintained by cookies. The attacker will:

i. Find out what action needs to be performed on behalf of the victim and identify its endpoint (for example,
to change the password on target.com a POST request is made to the website with the new password as a
parameter).

ii. Place HTML code on evil.com that imitates a legitimate request to target.com (for example, a form with
method POST and a hidden input field that contains the new password).

iii. Make sure that the form is submitted, either by using "autosubmit" or by luring the victim into clicking a
submit button.

When the victim visits evil.com and that form is submitted, the victim's browser makes a request to target.com
for a password change, and the browser attaches the victim's target.com cookies to that request. The server treats
it as a genuine request and resets the victim's password to the attacker-supplied value. This is how the victim's
account gets taken over by the attacker.
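As an added defensive illustration (not part of this lab or of WebGoat's own code), the following Python handler for the password-change endpoint described above rejects the forged evil.com request while accepting the legitimate form. The in-memory session store, the csrf_token field name and the site name target.com are assumptions made for the example.

```python
"""Added example, not from the lab: a password-change handler hardened against
the forged cross-site form above. Two independent checks are applied: the
browser-supplied Origin header must match the site, and the form must carry
the per-session CSRF token that only the legitimate page can know."""
import hmac
import secrets
from urllib.parse import urlparse

TRUSTED_ORIGIN = "https://target.com"   # assumed site name, as in the text
SESSIONS = {}                           # constructed in-memory store: cookie value -> session


def new_session(user):
    """Log a user in: mint a session cookie and a fresh random CSRF token for it."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"user": user,
                     "csrf_token": secrets.token_urlsafe(32),
                     "password": "old"}
    return sid


def origin_allowed(headers):
    """Browsers send Origin on cross-site form POSTs; evil.com can't spoof it."""
    src = headers.get("Origin") or headers.get("Referer")
    if not src:                 # no source info at all: refuse state changes
        return False
    p = urlparse(src)
    return f"{p.scheme}://{p.netloc}" == TRUSTED_ORIGIN


def change_password(headers, cookies, form):
    """Handle POST /changePassword; return (status, message) like a web handler."""
    session = SESSIONS.get(cookies.get("session", ""))
    if session is None:
        return 401, "not logged in"
    if not origin_allowed(headers):
        return 403, "cross-site origin rejected"
    token = form.get("csrf_token", "")
    # constant-time compare so the token cannot be guessed byte by byte
    if not hmac.compare_digest(token, session["csrf_token"]):
        return 403, "missing or invalid CSRF token"
    session["password"] = form["new_password"]
    return 200, "password changed"
```

Marking the session cookie SameSite=Lax or Strict adds a third, browser-enforced layer, but the server-side token check above is the one that does not depend on the client.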
Fig 1.3.1 (How a CSRF attack works)

3. Steps for experiment:

i. Install WebGoat on Kali Linux and register as a new user. From the menu select Cross Site Request Forgery.

Fig 1.3.2 (Setting up WebGoat)

ii. Now click the "Submit Query" button; we should be redirected to the following page.

Fig 1.3.3 (Submitting Query)

iii. Right-click the "Submit Query" button and choose Inspect. Note exactly where the form is submitted to. Now
craft your own HTML form that looks exactly the same as this form.

Fig 1.3.4 (Modifying the Submit Query button)

Fig 1.3.4 (HTML code for the submit button)

iv. Now open the form in a new tab. This is the "Submit Query" form that will be displayed to the victim.

Fig 1.3.5 (Victim side rendering)

v. Once the victim clicks "Submit Query", that is it: this quickly, the attack is launched using a separate
form.

Fig 1.3.6 (User submitted the Query)

vi. We can take this attack to the next level. To do so we copy the HTML file we created, paste it into our own
web application server and host it very quickly. Now we have hosted our own attacker server, which serves the
fake form.

Fig 1.3.7 (Hosting the server)

Evaluation Grid (to be created as per the SOP and assessment guidelines by the faculty):

Sr. No. | Parameters | Marks Obtained | Maximum Marks
1.      |            |                |
2.      |            |                |
3.      |            |                |
