Burp Suite User Forum


CSRF PoC vulnerability only succeeds while Proxying through Burp

Brandon | Last updated: Jun 10, 2015 03:41PM UTC

This may be a dumb question, as I may not fully understand how this CSRF vulnerability is working.

Scenario: Within the application using Spring / Spring Webflow and Spring Security, I am able to create a PoC with Burp that will increase a User profile to Admin status. The PoC will work every time while the initial Admin session is active to increase the access of the second User. When I log into the same session in a different browser and use the PoC without proxying through Burp, the CSRF to increase the second User's access does not work.

Am I missing something here, or am I misunderstanding how the CSRF PoC works? How do I verify that the PoC is valid in this circumstance?

TL;DR: My CSRF PoC only works while routing my traffic through Burp. How do I verify the PoC without Burp?

PortSwigger Agent | Last updated: Jun 11, 2015 08:19AM UTC

Have you configured any particular session handling rules that might be modifying traffic through the Proxy - e.g. changing session tokens or other parameters? I would suggest restoring defaults for all options (via the Burp menu), then with a clean browser log in to the application as admin and apply the CSRF PoC. With default settings, Burp shouldn't be making any relevant modifications to the request, so you can see what happens in that situation. If it still works, then it really ought to work when you are not using a proxy, provided you repeat exactly the same steps.
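
One way to check whether anything in the proxied request differs from what the browser sends directly, as an added example that is not part of the original thread and not Burp functionality: diff the raw request saved from the Proxy history against the one captured without the proxy. The host, path, cookie and parameter names and values below are constructed sample data.

```python
from http.cookies import SimpleCookie
from urllib.parse import parse_qsl

def parse_request(raw):
    """Split a raw HTTP request into request line, headers, cookies and form parameters."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    # Cookies are compared individually, so take them out of the header map.
    cookies = {k: m.value for k, m in SimpleCookie(headers.pop("cookie", "")).items()}
    params = dict(parse_qsl(body.strip(), keep_blank_values=True))
    return {"line": {"request-line": lines[0]}, "header": headers,
            "cookie": cookies, "param": params}

def diff_requests(proxied, direct):
    """Return (kind, name, proxied_value, direct_value) for every field that differs."""
    a, b = parse_request(proxied), parse_request(direct)
    out = []
    for kind in a:
        for name in sorted(set(a[kind]) | set(b[kind])):
            if a[kind].get(name) != b[kind].get(name):
                out.append((kind, name, a[kind].get(name), b[kind].get(name)))
    return out

# Constructed sample: the same PoC submission as seen through the proxy ...
PROXIED = ("POST /profile/role HTTP/1.1\r\n"
           "Host: app.example\r\n"
           "Cookie: JSESSIONID=AAA111\r\n"
           "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
           "userId=2&role=ADMIN&token=abc123")
# ... and as sent by a second browser with no proxy in the path.
DIRECT = ("POST /profile/role HTTP/1.1\r\n"
          "Host: app.example\r\n"
          "Cookie: JSESSIONID=BBB222\r\n"
          "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
          "userId=2&role=ADMIN")

if __name__ == "__main__":
    for kind, name, via_proxy, direct in diff_requests(PROXIED, DIRECT):
        print(f"{kind:7} {name:12} proxied={via_proxy!r} direct={direct!r}")
```

A session cookie or parameter that appears only in the proxied copy points at a session handling rule or match-and-replace setting rather than at the application.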

Rishabh | Last updated: Sep 10, 2020 07:44AM UTC

'
