Hello friends, this write-up is about how I bypassed the CORS validation. Let's assume the website is named redact.com. I logged in to the website and checked for a CSRF attack, but there is a Current Password param, which means that if I am able to bypass their CSRF protection, I need the victim's current password to exploit it.
Then I saw..
I tried setting attacker.com in the Origin header, but it did not work. I then tried adding another Origin header, and that also failed. Basically, the server is checking the Origin header value like this
So we can simply trick the server and bypass that validation by setting the Origin header value to redact.com.attacker.com.
I simply tried this on redact.com and it worked.
So I simply load the Account-Detail page from the evil origin to steal the information.
Simply send that fetch request to steal the account information page and display it on evil.com.
Boom, data stolen. I hope you guys like it.
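The origin-validation flaw described above, next to an exact-match fix, as an added server-side example that is not code from the original write-up or from the site it describes. The prefix-style weak check is an assumption about how the server behaved (the post's own snippet is not shown), and the allowlist entries and function names are hypothetical.

```javascript
// Added example. Allowlist entries and sample origins are constructed for illustration.
const ALLOWED_ORIGINS = new Set(["https://redact.com", "https://www.redact.com"]);

// Weak check (assumed behaviour): trusts any origin whose host merely
// starts with the trusted name, so redact.com.attacker.com is accepted.
function weakOriginCheck(origin) {
  try {
    return new URL(origin).hostname.startsWith("redact.com");
  } catch {
    return false; // missing or unparsable Origin header
  }
}

// Hardened check: exact string match of the full origin (scheme + host + port)
// against a fixed allowlist. No prefix, suffix, substring or regex matching.
function strictOriginCheck(origin) {
  return typeof origin === "string" && ALLOWED_ORIGINS.has(origin);
}

// Builds the CORS response headers for a request. The Origin is echoed back
// only when the check passes; Vary: Origin keeps shared caches from serving
// one origin's response to another.
function corsHeadersFor(origin, check) {
  if (!check(origin)) return {};
  return {
    "Access-Control-Allow-Origin": origin,
    "Access-Control-Allow-Credentials": "true",
    "Vary": "Origin",
  };
}

// Runs both checks over a list of Origin header values for comparison.
function compareChecks(origins) {
  return origins.map((o) => ({
    origin: o,
    weak: weakOriginCheck(o),
    strict: strictOriginCheck(o),
  }));
}

console.table(compareChecks([
  "https://redact.com",
  "https://redact.com.attacker.com", // value from the write-up
  "https://attacker.com",
  "null",
]));
```

Because the account page is read with the user's session, the check that matters is the one gating `Access-Control-Allow-Credentials`; a rejected origin should receive no CORS headers at all.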