- open base_server README.md
Flow and mitigation details: see CSRF - Notion page
- open base_server_2
npm install && npm start
- runs at localhost:4000
- /login - to log in; see the users available in db.js
- /account - gated page
- also has a Transfer money feature that is vulnerable to CSRF
- Set MITIGATION_STRATEGY in flags.js
- Search for MITIGATION_STRATEGY to see all CSRF-related logic
- A request made by the logged-in user from /account should work
- open hackers/index.html in a browser
- click the buttons that submit attacker-crafted requests
- Request by attacker should be blocked
- When changing strategy, log out, then log in again. See /login
- uses cookie-session to manage session
Flow and mitigation details: see XSS - Notion page
- open base_server_2
npm install && npm start
- runs at localhost:4000
- see xss.js for routes and sample attacks
- enable or disable MITIGATION_ENABLED flag
- inject scripts in the URL, e.g. http://localhost:4000/reflected-1?name=<script>alert(1)</script>
- e.g.
- run attackers_server/
- see server.js for sample exploits coming from an attacker-controlled site
- for the "cookie grab" attack, run attackers_server/ and point the script to http://localhost:4001
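
What the MITIGATION_ENABLED flag changes for a reflected route such as /reflected-1, as an added example that is not code from this repository: the same handler with and without output encoding. The route, the `name` parameter and the flag name come from the steps above; `escapeHtml`, `handleReflected`, the greeting markup and the response headers are assumptions.

```javascript
// Added example, not the repository's xss.js. Helper names, markup and
// headers are hypothetical.

// Encode the five characters that let text break out of an HTML text node
// or a quoted attribute value.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hypothetical handler for GET /reflected-1?name=...
// Returns status, headers and body instead of writing to a socket, so it can
// be exercised without starting a server.
function handleReflected(requestUrl, mitigationEnabled) {
  const url = new URL(requestUrl, 'http://localhost:4000');
  // searchParams.get() returns the first value when ?name= is repeated.
  const raw = url.searchParams.get('name') ?? 'guest';
  // Encode at the point of output, for the context the value lands in (HTML text).
  const name = mitigationEnabled ? escapeHtml(raw) : raw;
  const headers = { 'Content-Type': 'text/html; charset=utf-8' };
  if (mitigationEnabled) {
    // Defense in depth: inline script is refused even if an encoding step is missed.
    headers['Content-Security-Policy'] = "default-src 'self'; script-src 'self'";
    headers['X-Content-Type-Options'] = 'nosniff';
  }
  return { status: 200, headers, body: `<h1>Hello, ${name}</h1>` };
}

// Constructed sample request, using the payload shown in the list above.
const SAMPLE = '/reflected-1?name=<script>alert(1)</script>';

for (const flag of [false, true]) {
  const res = handleReflected(SAMPLE, flag);
  console.log(`MITIGATION_ENABLED=${flag} -> ${res.body}`);
}
```

With the flag off, the body contains a live `<script>` element; with it on, the same input is rendered as text and the response also carries a restrictive Content-Security-Policy.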
See README.md in jwt_auth/