Cross Site Request Forgery (also known as XSRF) works by exploiting the
trust of a users intentions. Site tasks are usually linked to specific
urls (Example: http://site/stocks?buy=100&stock=ebay) allowing a
certain action to happen when visited
by the user. If a user is logged into the site and an attacker tricks
their browser into making a request to one of these task urls, then the
task is performed and logged as the logged in user. Typically you’ll
use Cross Site Scripting to embed an IMG tag
or other HTML/Javascript code to request a specific ‘task url’ and if the user is logged in it will get executed without
their knowledge. These sorts of attacks are fairly difficult to detect potentially leaving a user debating with the
website/company as to whether or not the stocks bought the day before we initiated by the user after the price
plummeted.
What is Cross Site Request Forgery?
Favorite Links
- Security Templates (New)
- The Web Application Security Consortium
- QA Security
- The Web Security Mailing List
- Romain Gaucher’s Blog
- Jeremiah Grossman’s Blog
Popular Pages
WASC Threat Classification
- Abuse of Functionality
- Application Misconfiguration
- Brute Force Attack
- Content Spoofing
- Credential/Session Prediction
- Denial of Service
- Directory Indexing
- Information Leakage
- Remote File Inclusion Attack
- Routing Detour Attack
- SOAP Array Abuse
- XML Attribute Blowup
- XML Injection
- XML External Entity Attack