Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [root:~]# CSRF=$(curl -s -c dvwa.cookie 192.168.1.33/DVWA/login.php | awk -F 'value=' '/user_token/ {print $2}' | cut -d "'" -f2)
- [root:~]# curl -s -i -L -b dvwa.cookie -d "username=user&password=pass&user_token=${CSRF}&Login=Login" 192.168.1.33/DVWA/login.php > /root/after.txt
- [root:~]#
- [root:~]# !diff #diff /root/before.txt /root/after.txt
- 0a1,11
- > HTTP/1.1 302 Found
- > Date: Thu, 15 Oct 2015 19:58:45 GMT
- > Server: Apache/2.4.10 (Win32) OpenSSL/1.0.1h PHP/5.4.31
- > X-Powered-By: PHP/5.4.31
- > Expires: Thu, 19 Nov 1981 08:52:00 GMT
- > Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
- > Pragma: no-cache
- > Location: login.php
- > Content-Length: 0
- > Content-Type: text/html
- >
- 2c13
- < Date: Thu, 15 Oct 2015 19:57:20 GMT
- ---
- > Date: Thu, 15 Oct 2015 19:58:46 GMT
- 5d15
- < Set-Cookie: PHPSESSID=0pjgscf6jcektumgsegqk8gnf6; path=/
- 9,11c19
- < Set-Cookie: PHPSESSID=0pjgscf6jcektumgsegqk8gnf6; path=/; httponly
- < Set-Cookie: security=impossible; httponly
- < Content-Length: 1568
- ---
- > Content-Length: 1607
- 60c68
- < <input type='hidden' name='user_token' value='4bdcf7426fc9438c751ef8d3c7113f2e' />
- ---
- > <input type='hidden' name='user_token' value='3eae6f4ceeabfb56e5e390f30bb0195b' />
- 66c74
- <
- ---
- > <div class="message">Login failed</div>
- [root:~]#
Add Comment
Please, Sign In to add comment