
Website Attacks

txgz999 edited this page Aug 13, 2019 · 14 revisions

CSRF

CSRF (Cross-Site Request Forgery)

Attackers lure one of our users into submitting a request to our website that the user never intended, in order to cause some damage to the user or to the website (for example transferring money, changing an email address, or deleting data).

The prerequisite for this attack to work is that the user is logged in to our website and their identity is stored in a cookie (or in another credential the browser attaches automatically, such as HTTP Basic authentication).

It exploits the following property of cookies: each cookie belongs to a domain, and the browser sends it with every request to servers in that domain, regardless of the origin of the document that contains the form or script making the request. (Modern browsers treat cookies without an explicit SameSite attribute as SameSite=Lax, which blocks cookies on cross-site POSTs from most third-party contexts, but this is a defense in depth and does not replace the server-side checks below.)

Such a request can be made by the user clicking a hyperlink in an email they receive, by an auto-submitting form on an attacker-controlled page, or by a script that runs when the user loads a document.

CSRF

  • A CSRF attacker lures our users into submitting a malicious request to our server. The form (or script) comes from the attacker's page, but the request goes to our server with the user's cookies attached.
  • A CSRF attacker cannot read or change the cookies of our site: the attack works precisely because the attacker does not need to know the cookie value, only that the browser will send it.
  • A CSRF attacker cannot read data from our site: the same-origin policy prevents the attacker's page from reading the response to the forged request. CSRF is therefore a blind, write-only attack, which is why state-changing requests must carry something an attacker's page cannot produce.

CSRF Attack Solutions

  • Harsha Kavinda, Synchronizer Token Pattern: when the user logs in, generate an unpredictable token (from a cryptographically secure random source) and store it as a session variable on the server. Then, in every form sent to the user, add that token value as a hidden field. When the server receives the submitted form data, check that the hidden field value matches the token stored in the session (using a constant-time comparison), and reject the request otherwise. An attacker's page cannot obtain the token because it cannot read our pages.
  • Harsha Kavinda, Double Submit Cookie Pattern: when the user logs in, generate an unpredictable token and set it in a cookie. Then, in every form sent to the user, add that cookie value as a hidden field (or have client-side script copy it into a request header). When the server receives the submitted form data, check that the hidden field value matches the cookie value. Nothing needs to be stored server-side, but the pattern is weaker than the synchronizer token if an attacker can set cookies for our domain (for example from a compromised subdomain), since they could then set both the cookie and the field to a value of their choice.
