Cross-Site Request Forgery (CSRF) – Introduction and Mitigation Steps

Published on: 8/17/2014
Topic: Web Application Security
Cross-Site Request Forgery (CSRF) is a way of performing a malicious action by tricking a legitimate user of a web site into sending a request that the attacker crafted, so that the user's valid context (typically the session cookie) carries the malicious request to the web server. Because the request originates under a valid user context, the web server fails to recognise the malicious intent and executes the request with full trust, which allows the attacker to exploit any weakness in the server-side environment.


Overview

Unlike Cross Site Scripting (XSS), which is mostly used to steal user data, Cross-Site Request Forgery (CSRF) exploits weaknesses in a website's authentication and authorization process, and the two attacks are often used in combination: an XSS vulnerability lets the attacker's script read the anti-CSRF token from the page and so bypass the anti-CSRF mechanism. Put simply, Cross Site Scripting abuses the user's trust in a known web site, while Cross-Site Request Forgery abuses the web site's trust in requests that appear to come from the user.

For example, suppose you are browsing a support forum where another user has posted a helpful answer to your query and embedded an image in the detailed response, but the image's src attribute is actually an attack URL: an HTTP request to your banking website that transfers funds.

<img src="http://yourbank.com/transfer?accountholder=you&amount=5000&transferto=attacker">

If the bank trusts your browser, it executes the transfer. That trust rests on the active cookie holding a valid session or account identifier, which the banking site issued only after you authenticated; the browser attaches that cookie to the image request automatically, so the forged request arrives at the bank looking like any other request from your session. The fact that a plain GET changes state makes the attack trivial to deliver through an image tag, but a state-changing POST form is equally exposed if the server checks nothing beyond the cookie, since an auto-submitting form on the attacker's page can send it. Similarly, an attacker may lure you into clicking an HTML link or an image that executes JavaScript.

CSRF vulnerabilities have also led to remote code execution with root privileges, and to a vulnerability that could compromise a root certificate, which would completely undermine a public key infrastructure.


Continue Reading: Minimize Cross-Site Request Forgery (CSRF) Attacks