Dealing with HTML submits conflicts
Mar 9, 2014
This first post is related with one of my project : CSRFT. CSRFT is a Cross Site Request Forgery (CSRF) vulnerabilities Toolkit.
My toolkit allows you to exploit either GET and POST HTTP Requests. During some testings, I had issues with some specific forms.
Let's take an example of such form :
<form action="http://website.com/blog/" id="form" method="get"> <label class="assistive-text" for="s">Search</label> <input class="field" id="s" name="s" placeholder="Search" type="text" value="Search Value"/> <input class="submit" id="searchsubmit" name="submit" type="submit" value="Search"/> </form> The code injected on the page to submit the form was like that :
Starting my own blog
Mar 4, 2014
Starting my own blog has been something I really wanted to do. I'll add post related to my different projects but also on Web security.
Here are my different motivations :
1. Provide a portfolio of my different projects. 2. Explain some problems I had and provide the solution 3. Talk about some geek stuffs. Let's see :) Hope you'll have fun to read me. Cheers and see you soon.