Pinterest Problem Csrf Verification Failed?

[dankass 52]

Anybody have any idea what this means when trying to create a pinterest account, or how to get around it? I can fill out the form fine, and this is what comes up after submitting the form.

 

Forbidden (403)

CSRF verification failed. Request aborted.

[malefic 48]

I get it now and again - not Ubot related as if you google the error you see that loads of people are seeing it.

Try logging out, clearing cookies and cache.....normally works for me

[HelloInsomnia 1103]

Before submitting the form try to set the referrer to the current page. Honestly, this is a total guess but it might work.

[dankass 52]

Before submitting the form try to set the referrer to the current page. Honestly, this is a total guess but it might work.

 

Tried it and it didn't work:/   Yea, I dont have a clue how to get around this, but I absolutely cannot make an account with ubot on pinterest. I can do it just fine manually in my browser.

[HelloInsomnia 1103]

If you don't mind sharing your code I'll take a look or I'm sure somebody will at least.

[dankass 52]

If you don't mind sharing your code I'll take a look or I'm sure somebody will at least.

 

Sure, thanks! I'm curious if everyone has this problem or if its just me or what.

ui text box("Username", #Username)
ui text box("email", #email)
ui text box("Password", #Password)
ui text box("First Name", #Firstname)
ui text box("Last Name", #Lastname)
ui drop down("Sex", "Female,Male", #SEX)
ui button("Create Pinterest Account") {
    CreatePinterest()
}
define CreatePinterest {
    set referrer("https://www.google.com")
    allow flash("Yes")
    allow popups("Yes")
    clear cookies
    set user agent("Mozilla/5.0 (Windows NT 6.1; WOW64; rv:20.0) Gecko/20100101 Firefox/20.0")
    navigate("http://pinterest.com/", "Wait")
    wait for browser event("Everything Loaded", "")
    click(<href="/join/discover/">, "Left Click", "No")
    set referrer("http://pinterest.com/join/discover")
    wait for browser event("Page Loaded", "")
    click(<href="/join/register/">, "Left Click", "No")
    wait(5)
    wait(2)
    type text(<name="username">, #Username, "Standard")
    wait(2)
    type text(<email field>, #email, "Standard")
    wait(2)
    type text(<password field>, #Password, "Standard")
    wait(2)
    type text(<name="first_name">, #Firstname, "Standard")
    wait(2)
    type text(<last name field>, #Lastname, "Standard")
    wait(2)
    change dropdown(<sex dropdown>, #SEX)
    wait(1)
    if($comparison(#SEX, "=", "Female")) {
        then {
            click(<data="female">, "Left Click", "No")
        }
        else if($comparison(#SEX, "=", "Male")) {
            click(<data="male">, "Left Click", "No")
        }
        else {
            click(<data="unspecified">, "Left Click", "No")
        }
    }
    wait(2)
    click(<create account button>, "Left Click", "No")
}

[dankass 52]

P.S. in looking at the source, I'm sure it has something to do with this

<div style="display:none"><input type="hidden" name="csrfmiddlewaretoken" value="M3c6rNVqT2JKHJYRYTrF4HGfy3P"></div><div style="display:none"><input type="hidden" name="_ch" value="jf4jieci"></div>
                <input type="hidden" name="registration_type" value="email" id="id_registration_type">
                <div class="buttons">

I have also tried scraping this csrfmiddlewaretoken attribute and the "_ch" one both and then doing a change attribute command on the value with the scraped value to see if it would work, but that did not help any either. This is looking for some kind of "middleware"  but I don't know how it works or how to get around it.

 

SOLVED

 

AHA!  Ok, I don't know for sure which thing did it, but I added the above scrape & fill for that token stuff, and set the referrer to the current page and changed the useragent to iphone and it worked. I think I may have had the referer page wrong and did not use https and that may have been the whole problem. Will be experimenting more, but thought I'd post real quick that I have a solution anyway.