12
I’m seeing some people mentioning such attacks CSRF here at Stack Overflow.
What I’d like to know is:
What is an attack CSRF?
How it’s done?
What damage can it cause?
How can I avoid CSRF attacks?
12
I’m seeing some people mentioning such attacks CSRF here at Stack Overflow.
What I’d like to know is:
What is an attack CSRF?
How it’s done?
What damage can it cause?
How can I avoid CSRF attacks?
13
It is a type of attack to damage or steal a user’s data on a web service. Usually a malicious website, widget or application takes advantage of the user being logged in to some web service and performs actions in that service.
XSS: Let’s say you have a facebook and, like almost everyone else, your browser is always logged in to facebook. You enter a malicious website that contains an iframe pointing to facebook. When you finish loading the page, this site executes a javascript that fills the facebook status for "sou n00b" and presses send. (This scenario is currently "blocked" by web browsers)
CSRF: Let’s say you have a bank account in Panama, and log into your web banking. This web banking is done on web 1.0, where each completed link or form needs to reload the entire page. Still logged in, you enter a malicious website that redirects you, via POST, to the "processa_transferencia.php" page, sent in the POST an account number and a value. The n00b that made the site checks if you are logged in. If yes, processes the transfer. BYE CASH!
Understanding what it is CORS is a good start, mainly to defend from XSS.
In the case of CSRF, the easiest is to use security tokens for POST type requests. Basically, the page containing the form to be sent creates a TOKEN. When the user submits the POST of this form, just check if the TOKEN came together and if it is the one that was previously generated.
The OWASP has a set of prevention tips for this type of attack.
1
A CSRF (from English Cross-Site Request Forgery) It’s a type of attack that, by running a malicious script on the victim’s browser, accesses another website without the victim noticing. The attacker can thus hijack the victim’s session by being able, for example, to comment on the site, transfer monetary values, place an order, etc.
The most common technique to prevent this type of attack is to place a token through a field hidden in the form. When the form is submitted it is guaranteed that the token is present and coincides with the token stored in session (Macintyre, Danchilla, & Gogala, 2011).
Browser other questions tagged security-guard csrf
You are not signed in. Login or sign up in order to post.
What is Token? I’m kind of new to programming and I don’t know much
– user45722
@Vinicius Token is just a nickname for identifier. In the case of the problem, Token is an alpha-numeric sequence that identifies the user. You can think like login protection systems, such as Steam, where the mobile app generates a code to be entered at the time of login. In case, your application will generate a hidden token to be sent by form.
– FReNeTiC