Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of maliciousexploit of a website whereby unauthorized commands are transmitted from a user that the website trusts. Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user's browser.
The attack works by including a link or script in a page that accesses a site to which the user is known (or is supposed) to have been authenticated For example, one user, Alice, might be browsing a chat forum where another user, Mallory, has posted a message. Suppose that Mallory has crafted an HTML image element that references an action on Alice's bank's website (rather than an image file), e.g.
If Alice's bank keeps her authentication information in a cookie, and if the cookie hasn't expired, then the attempt by Alice's browser to load the image will submit the withdrawal form with her cookie, thus authorizing a transaction without Alice's approval.
A cross-site request forgery is a confused deputy attack against a Web browser. The deputy in the bank example is Alice's Web browser which is confused into misusing Alice's authority at Mallory's direction.
The following characteristics are common to CSRF:
Involve sites that rely on a user's identity
Exploit the site's trust in that identity
Trick the user's browser into sending HTTP requests to a target site
Involve HTTP requests that have side effects
At risk are web applications that perform actions based on input from trusted and authenticated users without requiring the user to authorize the specific action. A user who is authenticated by a cookie saved in the user's web browser could unknowingly send an HTTP request to a site that trusts the user and thereby causes an unwanted action.
CSRF attacks using image tags are often made from Internet forums, where users are allowed to post images but not JavaScript.
The attack works by including a link or script in a page that accesses a site to which the user is known (or is supposed) to have been authenticated For example, one user, Alice, might be browsing a chat forum where another user, Mallory, has posted a message. Suppose that Mallory has crafted an HTML image element that references an action on Alice's bank's website (rather than an image file), e.g.
If Alice's bank keeps her authentication information in a cookie, and if the cookie hasn't expired, then the attempt by Alice's browser to load the image will submit the withdrawal form with her cookie, thus authorizing a transaction without Alice's approval.
A cross-site request forgery is a confused deputy attack against a Web browser. The deputy in the bank example is Alice's Web browser which is confused into misusing Alice's authority at Mallory's direction.
The following characteristics are common to CSRF:
Involve sites that rely on a user's identity
Exploit the site's trust in that identity
Trick the user's browser into sending HTTP requests to a target site
Involve HTTP requests that have side effects
At risk are web applications that perform actions based on input from trusted and authenticated users without requiring the user to authorize the specific action. A user who is authenticated by a cookie saved in the user's web browser could unknowingly send an HTTP request to a site that trusts the user and thereby causes an unwanted action.
CSRF attacks using image tags are often made from Internet forums, where users are allowed to post images but not JavaScript.
No comments:
Post a Comment