help please!-!

akshitmehra2000
4 years ago

1

how do we get the csrf token if its continuesly changing on whenever we submit

LvMalware Drk [lvmalware]
4 years ago

1

You can get the current csrf token by viewing the source code of the page.
Then, include this token into the POST request.

akshitmehra2000
4 years ago

1

i did that exactly, but every time i submit it shows invalid csrf token. May i send you my code??

akshitmehra2000
4 years ago

0

sir please, i dont know where i am going wrong
ive read all the threads. i include the token, but every time i submit it opens up a page showing invalid csrf token

LvMalware Drk [lvmalware]
4 years ago | reply to #80356

1

Yes, send it.

akshitmehra2000
4 years ago

0

daksh001
4 years ago

0

…..

akshitmehra2000
4 years ago

0

>">

akshitmehra2000
4 years ago

0

html
head
/head
body
form action=“https://defendtheweb.net/playground/http-method” method=POST
input type=“password” name=“pwd” placeholder=“password”
input type=“submit” value=“submit”
input type=“hidden” name=“cirf-token” value=“7c434d26814ceb7cf0f9c0c84ccdd4c738f8f07ef2187a2feae270956230b4ce”
/input
/form

/body
/html

SIR HERE IS THE CODE, I HAVE REMOVED THE BRACKETS BEC OF THE SPOILER ISSUE, they are there in the origoinal code.
THANK YOU,

LvMalware Drk [lvmalware]
4 years ago | reply to #80367

0

If you take a look into previous challenges, the token is placed into a input named only as “token”.
Change “cirf-token” to “token” into your code and make sure to use the right csrf-token (you can get one as I said before, on the source code of the page).
This should do, now.

HTTP method

1

1

1

0

1

0

0

0

0

0