form action=“https://defendtheweb.net/playground/http-method” method=POST
input type=“password” name=“pwd” placeholder=“password”
input type=“submit” value=“submit”
input type=“hidden” name=“cirf-token” value=“7c434d26814ceb7cf0f9c0c84ccdd4c738f8f07ef2187a2feae270956230b4ce”
SIR HERE IS THE CODE, I HAVE REMOVED THE BRACKETS BEC OF THE SPOILER ISSUE, they are there in the origoinal code.
If you take a look into previous challenges, the token is placed into a input named only as “token”.
Change “cirf-token” to “token” into your code and make sure to use the right csrf-token (you can get one as I said before, on the source code of the page).
This should do, now.
You must be logged in to reply to this discussion.
1 of 10