Getting around the CSRF Middleware

Remember, the CSRF Middleware relies on cookies. Cookies are upwards of 20 years old, and like a lot of the Internet's original design, they didn't anticipate today's security concerns.

For example, this subdomain can set cookies for all of veryveryvulnerable.com and its other subdomains. We took advantage of this to set the csrftoken cookie to a value we knew, then we simply POSTed and included that same chosen value in the form as "proof" that we were a legitimate entity: the middleware only checks that the two match, not that the server issued the value. Pop open your developer tools and take a look at the cookies and their Domain attribute.

Then, visit ssda.veryveryvulnerable.com/guestbook/ and check to see if our attempt worked.
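To see why the double-submit check above accepts a value planted from a sibling subdomain, and what a check that does not has to look like, here is a small model written for this page (it is not the site's code or Django's middleware). It simulates RFC 6265 domain scoping in a toy cookie jar, runs the naive cookie-equals-form-field check against a token set from a sibling host, and then runs a token bound to a server secret and the victim's session instead. The hostnames, session id and server secret are constructed for the demonstration; the `__Host-` prefix rule (browsers reject such a cookie if it carries a Domain attribute) is real.

```python
"""Model of a double-submit CSRF check and why a sibling-subdomain cookie defeats it.

Added example, not the site's own code. Hostnames, session id and server
secret are constructed for the demonstration.
"""
import hashlib
import hmac
from typing import Optional

SERVER_SECRET = b"constructed-secret-do-not-reuse"  # assumption: server-side secret


def domain_matches(cookie_domain: str, host: str) -> bool:
    """RFC 6265 domain-match: a cookie scoped to example.test is sent to
    example.test and to every subdomain of it."""
    cookie_domain = cookie_domain.lstrip(".").lower()
    host = host.lower()
    return host == cookie_domain or host.endswith("." + cookie_domain)


class CookieJar:
    """Minimal browser cookie jar keyed by (name, domain).

    Simplification: a real browser sends every matching cookie and the server
    sees the first one; here we assume no two cookies share a name."""

    def __init__(self) -> None:
        self._cookies = {}

    def set_cookie(self, setting_host: str, name: str, value: str,
                   domain: Optional[str] = None) -> None:
        # A host may scope a cookie to itself or to any parent domain it belongs to
        # (public-suffix rules are out of scope for this model).
        domain = (domain or setting_host).lstrip(".").lower()
        if not domain_matches(domain, setting_host):
            raise ValueError("host may not set cookies for an unrelated domain")
        if name.startswith("__Host-") and domain != setting_host.lower():
            # __Host- cookies may not carry a Domain attribute, so a sibling
            # subdomain cannot plant one for the parent domain.
            raise ValueError("__Host- cookies cannot carry a Domain attribute")
        self._cookies[(name, domain)] = value

    def cookies_for(self, host: str) -> dict:
        """Cookies the browser would attach to a request for `host`."""
        return {name: value for (name, domain), value in self._cookies.items()
                if domain_matches(domain, host)}


def naive_csrf_check(cookies: dict, form_token: str) -> bool:
    """Double-submit check: cookie value must equal the form field value.
    Anything that can write the cookie can satisfy it."""
    cookie_token = cookies.get("csrftoken")
    return cookie_token is not None and hmac.compare_digest(cookie_token, form_token)


def session_bound_token(session_id: str) -> str:
    """Token derived from the server secret and the victim's session id."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def bound_csrf_check(cookies: dict, form_token: str, session_id: str) -> bool:
    """Hardened check: both the cookie and the form field must equal the
    secret-derived token, so a value chosen without the secret cannot pass."""
    expected = session_bound_token(session_id)
    return (hmac.compare_digest(cookies.get("csrftoken", ""), expected)
            and hmac.compare_digest(form_token, expected))


def demo() -> dict:
    app_host = "app.example.test"         # constructed: the protected guestbook
    sibling_host = "legacy.example.test"  # constructed: an old site on a sibling subdomain
    session_id = "constructed-session-id"
    chosen = "value-the-sibling-knows"

    jar = CookieJar()
    # A page on the sibling subdomain plants a chosen csrftoken for the whole parent domain;
    # the victim's browser then attaches it to requests for the app host.
    jar.set_cookie(sibling_host, "csrftoken", chosen, domain="example.test")
    cookies = jar.cookies_for(app_host)

    # The same planting attempt against a __Host- prefixed cookie is refused by the jar.
    try:
        jar.set_cookie(sibling_host, "__Host-csrftoken", chosen, domain="example.test")
        host_prefix_planted = True
    except ValueError:
        host_prefix_planted = False

    return {
        "naive_passes": naive_csrf_check(cookies, chosen),                 # True
        "bound_passes": bound_csrf_check(cookies, chosen, session_id),     # False
        "host_prefix_planted": host_prefix_planted,                        # False
    }


if __name__ == "__main__":
    print(demo())
```

The naive check passes because it only compares two values the same party controls. Binding the token to a server secret (or storing it server-side in the session) removes the shortcut, and naming the cookie with the `__Host-` prefix stops sibling subdomains from scoping a cookie to the parent domain in the first place; both are worth doing.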

Think carefully about what lives on your domain (or might someday). Old marketing sites? A WordPress blog? Anything that can run script or set headers on any subdomain can plant a parent-domain cookie.