Cross-Site Request Forgery
Attack that forces the end user to execute unwanted actions on a web application in which they are currently authenticated
This tricks the victim into submitting a malicious request
Attacker inherits the identity and privileges of the victim to perform an undesired function on the victim's behalf
The site has no way to tell a forged request from a legitimate one, because both arrive with the victim's session cookie
Mitigation
Configure web server to send random challenge tokens
If every state-changing request must include this challenge token, forged requests are easy to spot: an attacker's cross-site page cannot read the token, so their request arrives without it
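A minimal synchronizer-token check, as an added illustration (not code from the original page): the server stores a random token in the session, every state-changing request must echo it, and the comparison is constant-time. Function names and the dict-based session are hypothetical.

```python
import hmac
import secrets
from typing import Optional, Tuple

# Hypothetical helpers, not a framework API.
TOKEN_BYTES = 32


def issue_csrf_token(session: dict) -> str:
    """Create (or reuse) the random challenge token tied to this session."""
    if "csrf_token" not in session:
        session["csrf_token"] = secrets.token_urlsafe(TOKEN_BYTES)
    return session["csrf_token"]


def is_valid_csrf_token(session: dict, submitted: Optional[str]) -> bool:
    """Constant-time comparison of the submitted token against the session's."""
    expected = session.get("csrf_token")
    if expected is None or submitted is None:
        return False
    return hmac.compare_digest(expected, submitted)


def handle_request(session: dict, method: str, form: dict) -> Tuple[int, str]:
    """Reject state-changing requests that lack a valid token."""
    if method in ("GET", "HEAD", "OPTIONS"):
        return 200, "ok"  # safe methods must not change state anyway
    if not is_valid_csrf_token(session, form.get("csrf_token")):
        return 403, "csrf token missing or invalid"
    return 200, f"transferred {form.get('amount')} to {form.get('to')}"


def demo() -> Tuple[int, int, int]:
    # Constructed sample: a logged-in victim's server-side session.
    session = {"user": "alice"}
    token = issue_csrf_token(session)

    # Legitimate form rendered by the site carries the token.
    legit = {"to": "bob", "amount": "10", "csrf_token": token}
    ok, _ = handle_request(session, "POST", legit)

    # Forged cross-site submission: the browser still attaches the
    # session cookie, but the token is absent because the attacker
    # cannot read it from the victim's page.
    forged = {"to": "mallory", "amount": "1000"}
    rejected, _ = handle_request(session, "POST", forged)

    # A token of the right shape but the wrong value also fails.
    guessed = dict(forged, csrf_token=secrets.token_urlsafe(TOKEN_BYTES))
    rejected_guess, _ = handle_request(session, "POST", guessed)
    return ok, rejected, rejected_guess


if __name__ == "__main__":
    print(demo())
```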