http://www.csrflabphpbb.com/profile.phpPOST /profile.php HTTP/1.1Hos

1. http://www.csrflabphpbb.com/profile.php
2.  
3.  
4.  
5. POST /profile.php HTTP/1.1
6.  
7. Host: www.csrflabphpbb.com
8.  
9. User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
10.  
11. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
12.  
13. Accept-Language: en-us,en;q=0.5
14.  
15. Accept-Encoding: gzip,deflate
16.  
17. Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
18.  
19. Keep-Alive: 115
20.  
21. Connection: keep-alive
22.  
23. Referer: http://www.csrflabphpbb.com/profile.php?mode=editprofile
24.  
25. Cookie: phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D; phpbb2mysql_sid=352cba7b3b8240ccc4faaa8da34a4a32; phpbb2mysql_t=a%3A4%3A%7Bi%3A4%3Bi%3A1523787549%3Bi%3A5%3Bi%3A1523789298%3Bi%3A6%3Bi%3A1523791283%3Bi%3A7%3Bi%3A1523791295%3B%7D
26.  
27. Content-Type: application/x-www-form-urlencoded
28.  
29. Content-Length: 462
30.  
31. username=admin&email=admin%40seed.com&cur_password=&new_password=&password_confirm=&icq=&aim=&msn=&yim=&website=&location=&occupation=student&interests=encryption&signature=cryptography+is+fun%21&viewemail=1&hideonline=0&notifyreply=0&notifypm=1&popup_pm=1&attachsig=0&allowbbcode=1&allowhtml=0&allowsmilies=1&language=english&style=1&timezone=0&dateformat=d+M+Y+h%3Ai+a&mode=editprofile&agreed=true&coppa=0&user_id=2&current_email=admin%40seed.com&Submit=Submit
32.  
33. HTTP/1.1 200 OK
34.  
35. Date: Sun, 15 Apr 2018 11:47:51 GMT
36.  
37. Server: Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.1 with Suhosin-Patch mod_ssl/2.2.11 OpenSSL/0.9.8g
38.  
39. X-Powered-By: PHP/5.2.6-3ubuntu4.1
40.  
41. Set-Cookie: phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D; expires=Mon, 15-Apr-2019 11:47:51 GMT; path=/
42.  
43. Set-Cookie: phpbb2mysql_sid=352cba7b3b8240ccc4faaa8da34a4a32; path=/
44.  
45. Cache-Control: private, pre-check=0, post-check=0, max-age=0
46.  
47. Expires: 0
48.  
49. Pragma: no-cache
50.  
51. Vary: Accept-Encoding
52.  
53. Content-Encoding: gzip
54.  
55. Content-Length: 3875
56.  
57. Keep-Alive: timeout=15, max=100
58.  
59. Connection: Keep-Alive
60.  
61. Content-Type: text/html
62.  
63. ----------------------------------------------------------
64.  
65. http://www.csrflabphpbb.com/index.php
66.  
67.  
68.  
69. GET /index.php HTTP/1.1
70.  
71. Host: www.csrflabphpbb.com
72.  
73. User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
74.  
75. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
76.  
77. Accept-Language: en-us,en;q=0.5
78.  
79. Accept-Encoding: gzip,deflate
80.  
81. Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
82.  
83. Keep-Alive: 115
84.  
85. Connection: keep-alive
86.  
87. Cookie: phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D; phpbb2mysql_sid=352cba7b3b8240ccc4faaa8da34a4a32; phpbb2mysql_t=a%3A4%3A%7Bi%3A4%3Bi%3A1523787549%3Bi%3A5%3Bi%3A1523789298%3Bi%3A6%3Bi%3A1523791283%3Bi%3A7%3Bi%3A1523791295%3B%7D
88.  
89.  
90.  
91. HTTP/1.1 200 OK
92.  
93. Date: Sun, 15 Apr 2018 11:47:56 GMT
94.  
95. Server: Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.1 with Suhosin-Patch mod_ssl/2.2.11 OpenSSL/0.9.8g
96.  
97. X-Powered-By: PHP/5.2.6-3ubuntu4.1
98.  
99. Cache-Control: no-cache, pre-check=0, post-check=0
100.  
101. Expires: 0
102.  
103. Pragma: no-cache
104.  
105. Vary: Accept-Encoding
106.  
107. Content-Encoding: gzip
108.  
109. Content-Length: 4686
110.  
111. Keep-Alive: timeout=15, max=99
112.  
113. Connection: Keep-Alive
114.  
115. Content-Type: text/html
116.  
117. ----------------------------------------------------------