Web applications attacks/Cross site request forgery
Jump to navigation Jump to search
CSRF (also called XSRF) attacks consist of tricking a legitimate user into activating a request to a web site, transparently and unwittingly.
To better understand, let's take an example. Suppose A wants to delete a post in a forum, but his privileges are not enough to do it. If A knows B and B has the necessary privileges to delete the post, A can send a malicious link to B (e.g. an image containing the link to delete the post). When B clicks on that link, it activates the deletion, based on B's session (with privileged access).
- Check the Referer before validating form data. See here for an example in PHP
- Arachni is a fast asynchronous Web Application Security Scanner that detects, among others, CSRF vulnerabilities.