This application is a demonstration prototype just to show how to perform CSRF attack.
-
Install nodejs
-
Install dependencies
$ npm install
- Start application
$ node app.js
- Expose app via reverse proxy with HTTPS
-
Victim must be log in http://localhost:3000
-
Create an evil web page that make a malicious fund transfer order (http://localhost:3000/order)
-
Invit your victim to visit your evil page