Chapter 12  ■ Attacking Other Users

ing request:

GET /ShowAccount.php HTTP/1.1

Host: wahh-app.com

which returns a form including the following field:

The script then parses out the value of the password field and causes the vic-

tim’s browser to issue the following request:

POST /ChangePassword.php HTTP/1.1

Host: wahh-app.com

Content-Length: 60

oldPassword=kemppike&newPassword=0wned&confirmPassword=0wned

which results in the user’s password being reset to a value controlled by the

attacker. Each of these requests occurs asynchronously, without any obvious

indication to the user that they have taken place. If skillfully executed, the user

will not know about the attack until the next time they attempt to log in.

N OT E