Burp Suite User Forum

Create new post

Is their restrictions on testing Video upload with Generate CRSF PoC ?

Karen | Last updated: Feb 12, 2018 12:23PM UTC

I am using the Generate CRSF PoC to test the CSRF vulnerabilities of my site. But the Submit Request button seems to be disabled or inactive when I create a HTML to retest the upload of a video to my site? Is their restrictions on this type of upload? Thank you

PortSwigger Agent | Last updated: Feb 12, 2018 01:56PM UTC

Hi Karen, Thanks for your message. There isn't a restriction of file types, so I'm not quite sure why your PoC isn't working. Some things to try: 1) Use a really small mp4 file, like this: https://github.com/mathiasbynens/small/blob/master/mp4.mp4 2) When running the PoC, over Developer Tools in your browser and check for error messages in the JavaScript console Please let us know if you need any further assistance.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.