Symantec CSRF Vulnerability
Hello friends here i came with another vulnerability article
Symantec Antivirus Well Known Anti Virus Official Website Vulnerable To CSRF Vulnerability...
First i go to symantec customer log in page and created my own test accounting for testing....I Switch to Live Http Headers , and then i suck , Why !! there is a CSRF Tokens called "Nonce"
Hello friends here i came with another vulnerability article
Symantec Antivirus Well Known Anti Virus Official Website Vulnerable To CSRF Vulnerability...
First i go to symantec customer log in page and created my own test accounting for testing....I Switch to Live Http Headers , and then i suck , Why !! there is a CSRF Tokens called "Nonce"
And i was lke
Before one year , CSRF tokens is like "Dangerous Evil" , I was played around but didnt find anyting better , Then i think i should remove the csrf tokens from request and then have to see is that still working fine , If server required the CSRF tokens then it wil give me an error and through me on an error page As Expected ,After removing the CSRF Tokens and executing the same page
That works without any problem , I Was Like WTF , I Bypassed The CSRF Tokens
No comments:
Post a Comment