« Article: Healthy suspicion Web application security | Main | Know your Enemy: Web Application Threats »

Cross-site Request Forgery and Blackhat SEO

I research whitehat and blackhat SEO in my spare time (however not on this domain :), and was thinking about some additional uses for Cross-site Request forgery from the blackhat SEO perspective.

* Publishing/Spamming links: People spamming forums with links is nothing new. By utilizing  CSRF on the otherhand you could force a website user base (either by embedding it into your site html directly, or by utilizing an XSS vulnerability) to submit forms with your url without their knowledge using the img javascript trick (as described about in the Cross-site Request Forgery FAQ.

* Redirectors: Search engines and sites displaying a sites rank (blogs, top sites community, top referers/incoming site links, etc...) count the number of times a specific url is clicked or visited. As described above if you can get the user to visit the site via CSRF, then you can potentially influence these counters using unique hostnames/sessions (if logged in already). I suspect this will start becoming a real issue within the next year. One of the issues with CSRF is that the referer is typically sent to the target site. These can be easily hidden by utilizing an open relay issue on a totally non related site. This will make that site show up in the referers instead of the site containing the CSRF payload.

CSRF is where Cross site scripting was 5 years ago and new and more interesting uses are going to keep being discovered. This vuln is in it for the long haul.


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!