CSRFT - Cross Site Request Forgeries (Exploitation) Toolkit
This project has been developed to exploit CSRF Web vulnerabilities and provide you a quick and easy exploitation toolkit. In few words, this is a simple HTTP Server in NodeJS that will communicate with the clients (victims) and send them payload that will be executed using JavaScript.
This has been developed entirely in NodeJS, and configuration files are in JSON format.
*However, there's a tool in Python in
This project allows you to perform PoC (Proof Of Concepts) really easily. Let's see how to get/use it.
Then, launch the server.js :
Steps to succeed :
1) Create your configuration file, see samples in
2) Add your .html files in the
3) If you want to do Dictionnary attack, add your dictionnary file to the
4) Replace the value of the field you want to perform this attack with the token
=> either in your urls if GET exploitation, or in the HTML files if POST exploitation.
5) Launch the application :
Here are some basic use cases :
*GET parameter with Dictionnary attack : *
*POST parameter with Special value attack : *
This has been developed entirely in NodeJS, and configuration files are in JSON format.
*However, there's a tool in Python in
utils folder that you can use to automate CSRF exploitation. *This project allows you to perform PoC (Proof Of Concepts) really easily. Let's see how to get/use it.
How to get/use the tool
First, clone it :$ git clone git@github.com:PaulSec/CSRFT.git
npm install Then, launch the server.js :
$ node server.js Usage : node server.js
A) I want to write my specific JSON configuration file and launch it by hand
Based on the templates which are available, you can easily create your own. If you have any trouble creating it, feel free to contact me and I'll try to help you as much as I can but it shoudn't be this complicated.Steps to succeed :
1) Create your configuration file, see samples in
conf/ folder2) Add your .html files in the
exploits/ folder with the different payloads if the CSRF is POST vulnerable3) If you want to do Dictionnary attack, add your dictionnary file to the
dicos/ folder,4) Replace the value of the field you want to perform this attack with the token
<%value%> => either in your urls if GET exploitation, or in the HTML files if POST exploitation.
5) Launch the application :
node server.js conf/test.jsonB) I want to automate attacks really easily
To do so, I developed a Python script csrft_utils.py inutils folder that will do this for you.Here are some basic use cases :
*GET parameter with Dictionnary attack : *
$ python csrft_utils.py --url="http://www.vulnerable.com/changePassword.php?newPassword=csvulnerableParameter" --param=newPassword --dico_file="../dicos/passwords.txt" *POST parameter with Special value attack : *
$ python csrft_utils.py --form=http://website.com/user.php --id=changePassword --param=password password=newPassword --special_value 