Cross-site request forgery (also known as XSRF or CSRF) is an attack against web-hosted apps whereby a malicious web app can influence the interaction between a client browser and a web app that trusts that browser. These attacks are possible because web browsers send some types of authentication tokens automatically with every request to a website. This form of exploit is also known as a one-click attack or session riding because the attack takes advantage of the user's previously authenticated session.

An example of a CSRF attack:

1. A user signs in using forms authentication. The server authenticates the user and issues a response that includes an authentication cookie. The site is vulnerable to attack because it trusts any request that it receives with a valid authentication cookie.
2. The user visits a malicious site. The malicious site contains an HTML form similar to the following example:

Congratulations! You're a Winner!

Notice that the form's action posts to the vulnerable site, not to the malicious site.

3. The browser makes the request and automatically includes the authentication cookie for the requested domain.
4. The request runs on the server with the user's authentication context and can perform any action that an authenticated user is allowed to perform.

In addition to the scenario where the user selects the button to submit the form, the malicious site could:

- Run a script that automatically submits the form.
- Send the form submission as an AJAX request.

These alternative scenarios don't require any action or input from the user other than initially visiting the malicious site.

Using HTTPS doesn't prevent a CSRF attack. The malicious site can send an HTTPS request just as easily as it can send an insecure request.
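The exchange described above, modelled in code as an added example (this is not code from the original page): a handler that trusts the cookie alone accepts the forged cross-site POST, while a hardened handler rejects it because the request's Origin is not the site's own and the form carries no anti-forgery token bound to the session (the synchronizer token pattern). All names here are constructed placeholders: `bank.example`, `crook.example`, the session id `sess-123`, the cookie name `auth` and the form field `csrf_token`; the Request class stands in for what a real server would parse from the HTTP request.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional

# Constructed example values; none of these come from the original page.
SERVER_SECRET = secrets.token_bytes(32)     # held only by the server
SITE_ORIGIN = "https://bank.example"        # placeholder for the vulnerable site
SESSIONS = {"sess-123": "alice"}            # auth cookie value -> signed-in user


@dataclass
class Request:
    """What the server sees. The browser attaches the auth cookie for the
    requested domain regardless of which site built the form."""
    method: str
    origin: Optional[str]                   # Origin header the browser sets on POST
    cookies: Dict[str, str] = field(default_factory=dict)
    form: Dict[str, str] = field(default_factory=dict)


def issue_antiforgery_token(session_id: str) -> str:
    """Synchronizer token: an HMAC over the session id, embedded by the server
    in its own forms. The same-origin policy stops a cross-site page from
    reading it, so a forged form cannot include it."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def vulnerable_withdraw(req: Request) -> str:
    """Trusts any request that carries a valid authentication cookie."""
    user = SESSIONS.get(req.cookies.get("auth", ""))
    if user is None:
        return "401 unauthenticated"
    return f"200 withdrew {req.form['Amount']} for {user}"


def hardened_withdraw(req: Request) -> str:
    """Same action, but requires (1) the browser-supplied Origin to be the site
    itself and (2) the anti-forgery token issued for this session."""
    session_id = req.cookies.get("auth", "")
    user = SESSIONS.get(session_id)
    if user is None:
        return "401 unauthenticated"
    if req.origin != SITE_ORIGIN:
        return "403 cross-origin request rejected"
    expected = issue_antiforgery_token(session_id).encode()
    supplied = req.form.get("csrf_token", "").encode()
    if not hmac.compare_digest(expected, supplied):   # constant-time comparison
        return "400 missing or invalid anti-forgery token"
    return f"200 withdrew {req.form['Amount']} for {user}"


def forged_request() -> Request:
    """The POST produced by the malicious site's form: the browser adds the
    victim's cookie, Origin is the malicious site, and no token is present."""
    return Request("POST", "https://crook.example", {"auth": "sess-123"},
                   {"Transaction": "withdraw", "Amount": "1000000"})


def legitimate_request() -> Request:
    """A POST from the site's own form, which embeds the session's token."""
    return Request("POST", SITE_ORIGIN, {"auth": "sess-123"},
                   {"Transaction": "withdraw", "Amount": "50",
                    "csrf_token": issue_antiforgery_token("sess-123")})


if __name__ == "__main__":
    print("vulnerable, forged   :", vulnerable_withdraw(forged_request()))
    print("hardened, forged     :", hardened_withdraw(forged_request()))
    print("hardened, legitimate :", hardened_withdraw(legitimate_request()))
```

Both checks matter: the Origin check catches the cross-site form whether it is submitted by a click, a script or an AJAX call, and the token check covers clients or proxies that strip the Origin header. HTTPS on its own changes none of this, since the browser attaches the cookie to a forged HTTPS POST just as it does to a plain one.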