Collaborate Disseminate
I am working on the DVWA’s CSRF lab with the security setting to low. The DVWA is running on localhost:4280. The SameSite cookie attribute is not set (to Lax or Strict), and thus cross-site requests should be possible.
On http://localhost:… Continue reading CSRF not sending correct cookie (Damn Vulnerable Web App test)
What I have understood (I guess):
Cross-origin Cookies:
Cookies set with Domain="example.com" are not sent with fetch requests from origins like hello.example2.com to mywebsite.example.com because they are different domains. How… Continue reading Understanding Cross-Domain Cookies and `SameSite` Attributes with Express.js and Third-Party Tracking
I have read an article about CSRF bypasses when a cookie set with Samesite: Strict.
Normally if a cookie is set with Samesite: Strict then it will not be sent in a cross origin request. But if the application e.g.: vulnerablesite.com is vu… Continue reading Questions regarding CSRF using Client Side redirect
My understanding is that
Strict is the best as, admitting you have a recent browser, it completely replaces the need for CSRF Token.
Strcit is however a big hit on usability as things like SSO or just having a link in email to go to a log… Continue reading Is using two cookies one Lax and one Strict a way to improve usability without compromising security?
If I have understood Cross-Site WebSocket Hijacking (CSWSH) attack correctly [1][2][3][4], the attack relies on two things (examples are from the first reference):
the browser sending the cookies set by the victim domain (www.some-trading… Continue reading Why is the browser not sending cookies with cross-domain WebSocket handshake request?
I have several apps connected to a single Identity Provider, which allows a Single SignOn experience for our users, and requires also a Single LogOut one.
For the logout, any app will start the logout request, calling the Identity Provider… Continue reading Is it dangerous to expose a front-channel logout endpoint that does not require authentication?
I have www.example.com a WordPress website and www.official.com this third-party website, I want to invoke <iframe src="www.example.com"></iframe> in www.official.com
Here my website is running but cookies blocking
Ho… Continue reading How to display first party website to third party website | inside the Iframe
I have found a CORS on a website but when I am trying to exploit it for a POC it is fetching all the cookies except auth cookies and due to that I am getting an error message to "User not logged In"
CORS Exploit Request
If I have session cookie or just cookie which is Secure, HttpOnly with SameSite=Strict and is never transmitted even in requests within the same domain and the page uses TLS.
Is there any attack that could catch this cookie? If so, how can… Continue reading Security of the not transmitted cookie
I am building a web form in PHP, is just for the user to request information about my services or send comments, so I don‘t need the user to be logged with a username and a password, no databse. I have the validation and sanitation scripts… Continue reading Do I need to set up super global SESSION for a web form?