Intro PageChatStats/LogHacking ArenaThe CityThe BankGangsFacility

CSRF Protection for certain links

Have a good idea? Post it here and you may see it implemented.
Post a reply

CSRF Protection for certain links

Postby PaPPy on Thu, 06 May 2010 12:48:58 +0000

So if i get people to goto this URL
hxxp://cyber-wars.com/lottery.php?actio ... Submit=Buy

I could potentially get a lot of people to drop 10 mil into the lottery

or suicide
hxxp://cyber-wars.com/suicide.php?action=die

a little less harmful
hxxp://cyber-wars.com/energystore.php?w ... t=Withdraw

healing
hxxp://cyber-wars.com/hospital.php?action=heal


hxxp://cyber-wars.com/grid3.php?times=100

yes this will make it harder so people cant use their bookmarks or auto refreshing

simple referral checking may help from this

or maybe in emails or chat or forums use this api
http://www.longurlplease.com/docs

to translate shrunk urls into their full path
PaPPy
 
CW Profile
Top

Re: CSRF Protection for certain links

Postby |OSX| 10101 on Fri, 07 May 2010 08:25:06 +0000

Very smart and your making me think twice when I click a URL... :)
|OSX| 10101
Donator
 
CW Profile
Posts: 28
Joined: Sun, 13 Dec 2009 21:04:44 +0000
Top

Re: CSRF Protection for certain links

Postby PaPPy on Tue, 18 May 2010 18:32:08 +0000

and of course
hxxp://www.cyber-wars.com/mines.php?vie ... buy=mine10
PaPPy
 
CW Profile
Top
Post a reply

Return to Suggestions

Who is online

Users browsing this forum: No registered users and 4 guests

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group. Color scheme by ColorizeIt.
cron