Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- curl
- -d "{"email":"test@test.com"}"
- --header "X-CSRFToken: [triple checked value from the source code of a page I already loaded from my Django app]"
- --cookie "csrftoken=[same csrf value as above]"
- http://127.0.0.1:8083/registrations/register/
- curl
- -d "{a:1}"
- --header "X-CSRFToken:[as above]"
- --cookie "csrftoken=[as above];sessionid=[from header inspection in Chrome]"
- http://127.0.0.1:8083/registrations/register/
- curl
- -d "{a:1}"
- --header "X-CSRFToken:[as above]"
- http://127.0.0.1:8083/registrations/register/
- $ curl -v -c cookies.txt -b cookies.txt host.com/registrations/register/
- $ curl -v -c cookies.txt -b cookies.txt -d "email=user@site.com&a=1&csrfmiddlewaretoken=<token from cookies.txt>" host.com/registrations/register/
- curl
- -d "email=test@test.com&a=1"
- http://127.0.0.1:8083/registrations/register/
- curl
- -X POST
- -d "email=test@test.com&a=1&csrfmiddlewaretoken={inserttoken}"
- --cookie "csrftoken=[as above]"
- http://127.0.0.1:8083/registrations/register/
- $ curl -c cookie.txt http://localhost.com:8000/
- # Netscape HTTP Cookie File
- # http://curl.haxx.se/docs/http-cookies.html
- # This file was generated by libcurl! Edit at your own risk.
- localhost.com FALSE / FALSE 1463117016 csrftoken vGpifQR12BxT07moOohREGmuKp8HjxaE
- $curl --cookie cookie.txt http://localhost.com:8000/login/ -H "Content-Type: application/json" -H "X-CSRFToken: vGpifQR12BxT07moOohREGmuKp8HjxaE" -X POST -d "{"username":"username","password":"password"}"
- {"status": "success", "response_msg": "/"}
- $
- $curl --cookie cookie.txt http://localhost.com:8000/login/ -H "Content-Type: application/json" -H "X-CSRFToken: kVgzzB6MJk1RtlVnyzegEiUs5Fo3VRqF" -X POST -d "{"username":"username","password":"password"}" -c cookie.txt
- # Netscape HTTP Cookie File
- # http://curl.haxx.se/docs/http-cookies.html
- # This file was generated by libcurl! Edit at your own risk.
- localhost.com FALSE / FALSE 1463117016 csrftoken vGpifQR12BxT07moOohREGmuKp8HjxaE
- #HttpOnly_localhost.com FALSE / FALSE 1432877016 sessionid cg4ooly1f4kkd0ifb6sm9p
- $curl --cookie cookie.txt http://localhost.com:8000/home/
- curl http://127.0.0.1:8000/snippets/
- -X POST
- -H "Content-Type: application/json"
- -H "Accept: text/html,application/json"
- -H "X-CSRFToken: the_token_value"
- -H "Cookie: csrftoken=the_token_value"
- -u your_user_name:your_password
- -d '{"title": "first cookie post","code": "print hello world"}'
- echo -n YourPasswordHere | ./curl-auth-csrf.py -i http://127.0.0.1:8083/registrations/register/ -d 'email=test@test.com&a=1' http://127.0.0.1:8083/registrations/register/
- curl -v http://www.markjour.com/login/ -H "X-CSRFToken: 123" -b "csrftoken=123" -d "username=admin&password=admin"
- curl -b csrftoken=1xzVs5EaUTbVN0Cu5tOslfWGfNahhAsB9LvSoWoUfagDFy3UJsDHidUgxwVB0jN http://localhost:8000/ -d '{"somekey": "somevalue"}'
- # Apostrophe around the token is optional.
Add Comment
Please, Sign In to add comment