Web - Client
Thursday 5 October 2017, 09:41 #1
CSRF - token bypass
i’ve successfully found a way to force admin to submit the form (Without Knowing his real CSRF)
using xss and iframe ,, i’m sure i done it the right way .. but when i submit contact form to admin to force the CSRF scenario i got nothing
am i missing something here ?
like special way to submit the CSRF to the admin ?
i know the admin is bot , so it may need a defined answer to let me solve the challenge
thx 🙂