Secondary Categories: 02-Web Application
Description:
A successful cross-site request forgery (CSRF) attack causes the victim's browser to perform an action the user did not intend. A typical example is tricking a logged-in user into transferring funds from their bank account to an account controlled by the attacker. In short, through a forged request that rides on the browser's cookies, the attacker can gain access to, or full control over, the application data and functionality available to the victim's account.
So how does CSRF work? In its simplest form, the attacker first identifies a relevant action, typically a privileged one such as changing a username, deleting an account, or transferring money. Having chosen an action to leverage, the attacker checks whether the application relies solely on the session cookie to identify the user authorizing that action. If the application has no other means of verifying that the user really initiated the request, the attacker can begin to forge one. By default, a browser attaches the session cookie to every request it sends to the site that set it, regardless of which page triggered the request, so the forged request arrives carrying the victim's credentials.
There are many ways to target a user with CSRF. For example, the attacker can place malicious code on a site they control, either inside a hidden iframe or directly in the page. That code makes a POST request to the web application that is vulnerable to CSRF. Putting it all together: when the victim visits the attacker's site, the victim's browser runs the malicious code, which issues a POST request to the target application, and the browser automatically attaches the victim's session cookie for that application to the request. The POST request carries the privileged action the attacker takes advantage of to gain access to or modify the application's data.
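The two paragraphs above describe the condition that makes CSRF possible (the server authorizes an action on the session cookie alone) and the forged cross-site POST that exploits it. The following added example, which is not code from the original page, models both sides in plain Python with no web framework: a toy bank "transfer" handler that trusts only the cookie, the same handler hardened with an Origin check and a per-session synchronizer token, and a simulated forged POST from another site. The session store, balances, host names (`bank.example`, `evil.example`) and the `Request` type are all constructed for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed in-memory state standing in for a real app's session store
# and account balances (hypothetical values for illustration only).
SESSIONS = {}   # session_id -> {"user": str, "csrf_token": str}
BALANCES = {"alice": 100, "mallory": 0}


@dataclass
class Request:
    """A minimal stand-in for an HTTP POST as the server sees it."""
    cookies: dict
    form: dict
    headers: dict = field(default_factory=dict)


def login(user: str) -> str:
    """Create a session. The CSRF token is generated per session and is only
    ever embedded in the app's own pages (e.g. a hidden form field), so a page
    on another origin has no way to read it."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"user": user, "csrf_token": secrets.token_urlsafe(32)}
    return sid


def _session_for(req: Request):
    return SESSIONS.get(req.cookies.get("session"))


def _do_transfer(src: str, dst: str, amount: int) -> str:
    if dst not in BALANCES or BALANCES.get(src, 0) < amount:
        return "400 transfer refused"
    BALANCES[src] -= amount
    BALANCES[dst] += amount
    return f"200 moved {amount} from {src} to {dst}"


def transfer_vulnerable(req: Request) -> str:
    """Relies solely on the session cookie to authorize the transfer:
    exactly the condition the text describes as exploitable."""
    sess = _session_for(req)
    if sess is None:
        return "401 not logged in"
    return _do_transfer(sess["user"], req.form["to"], int(req.form["amount"]))


def transfer_hardened(req: Request, trusted_origin: str = "https://bank.example") -> str:
    """Same action, but demands evidence the request came from the app's own page:
    1. if an Origin header is present it must match the app's origin;
    2. the form must carry the per-session CSRF token (constant-time compare)."""
    sess = _session_for(req)
    if sess is None:
        return "401 not logged in"
    origin = req.headers.get("Origin")
    if origin is not None and origin != trusted_origin:
        return "403 cross-origin request rejected"
    token = req.form.get("csrf_token", "")
    if not hmac.compare_digest(token, sess["csrf_token"]):
        return "403 missing or invalid CSRF token"
    return _do_transfer(sess["user"], req.form["to"], int(req.form["amount"]))


def simulate_forged_post(sid: str, handler, origin="https://evil.example") -> str:
    """What the server receives when a page on another site submits a form to
    the bank: the browser attaches the session cookie automatically, but the
    other site cannot read the token from the bank's pages, so the form lacks it."""
    forged = Request(
        cookies={"session": sid},
        form={"to": "mallory", "amount": "50"},
        headers={"Origin": origin} if origin else {},
    )
    return handler(forged)


def simulate_legitimate_post(sid: str, handler) -> str:
    """A submission from the bank's own page, which includes the token."""
    sess = SESSIONS[sid]
    req = Request(
        cookies={"session": sid},
        form={"to": "mallory", "amount": "10", "csrf_token": sess["csrf_token"]},
        headers={"Origin": "https://bank.example"},
    )
    return handler(req)


if __name__ == "__main__":
    sid = login("alice")
    print("vulnerable, forged :", simulate_forged_post(sid, transfer_vulnerable))
    print("hardened,   forged :", simulate_forged_post(sid, transfer_hardened))
    print("hardened, no Origin:", simulate_forged_post(sid, transfer_hardened, origin=None))
    print("hardened, legit    :", simulate_legitimate_post(sid, transfer_hardened))
    print("balances           :", BALANCES)
```

Running the script shows the vulnerable handler moving money on the forged request while the hardened handler rejects it twice, first on the mismatched Origin and, when no Origin header is sent at all, on the missing token; only the submission from the app's own page succeeds. The token and Origin checks are independent layers: a `SameSite` attribute on the session cookie would add a third, by stopping the browser from attaching the cookie to cross-site POSTs in the first place.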
Links
Resources:
Title | URL |
---|---|
place | holder |
Also Check Out:
- Placeholder