CSRF

By -

Cross-Site Request Forgery (CSRF)

What is CSRF?

  • Cross-Site Request Forgery (CSRF) is an attack that focuses an end user to execute harmful actions on web application. The user should be authenticated user. Attacker can trick user to visit attacker’s domain. Then using CSRF attack, attacker can force user to perform state changing requests. For example, change email, bank details

Example :Changing users email

  • User loges in to web application (exmple.com) hosted on attacker.com
  • User visits attacker’s domain.:Attacker domain(attacker.com)

  • The attacker tricks user’s browser into sending request that changes users email in the web application hosted on the domain example.com.
  • When the request is sent to the domain example.com, The users authentication cookie appended to the outgoing cross site request .In this way web application knows whose email should be changed.
  • Next the request is processed by the web application hosted on the domain example.com.
  • Finally, users email changed

Attackers sample code of the page

  • <html>
    <body>
    Hello
    <script>
    var xhr = new XMLHttpRequest();
    xhr.open(“POST”,”https://example.com/profile.jsp”,true);
    xhr.setRequestHeader(“Content -Type”,”application/x-www-form-urlencoded);
    xhr.withCredentials = true;
    var body = email=attacker@example.com & action = Change+email;
    xhr.send(body);
    </script>
    </body>
    </html>

References



Comments

Post a Comment

Popular posts from this blog

cannot find java exe neither null jre bin java exe nor null bin java exe exists(iReport)

By -
Image
cannot find java exe neither null jre bin java exe nor null bin java exe exists When I was studying in my university,we have to do certain projects based on our Subjects. Therefore for the first year and second year projects we did desktop applications for Vehicle Management and Hardware management.For the improvement of the our client or the business it is a must to use certain report .It is a fast replacement comparing to the manual reports.We used Java language for those developments and NetBeans 8.1  latest IDE. For the reports we used iReport 5.6.0. But encountered with the above error even though we installed the latest versions of JDK 1.8.It was kind of a blocker for our development.But finally we overcome that problem and successfully completed the project. This might help you First I have to install NetBeans IDE. Check whether your JDK version is 1.7  If it is not then download JDK 1.7 ,JRE 1.7 and install.The link is below http://www.oracle.com/technetwork/jav
Read more

Google Drive API (oauth 2.0) Upload Files Java

By -
Image
Upload Files Java Google Drive Create Credentials Follow previous : Create Credentials Add Dependencies to Maven Project 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 <!-- https://mvnrepository.com/artifact/com.google.apis/google-api-services-drive --> <dependency> <groupId> com.google.apis </groupId> <artifactId> google-api-services-drive </artifactId> <version> v3-rev105-1.23.0 </version> </dependency> <!-- https://mvnrepository.com/artifact/com.google.api-client/google-api-client --> <dependency> <groupId> com.google.api-client </groupId> <artifactId> google-api-client </artifactId> <version> 1.23.0 </version> </dependency> <!-- https://mvnrepository.com/artifact/com.google.oauth-client/google-oauth-client-jetty --> <dependency> <
Read more

CSRF - Double Submit Cookie

By -
Image
Cross-site Request Forgery protection in web application Double Submit Cookie Send Random Value in both Cookie and request Server Verify matching of Cookie Value and Requested Value About Application Java Based Web application which has simple hard coded login page User login to the application with user name "asd" and pssword "123" Login Upon login, generate session identifier and set a cookie in the browser. At the same time, generate the CSRF token for the session and set a cookie in the browser. The CSRF token value is not stored in the server side. Store as a Cookie Generate Token Generated Token Value Cookie In Browser The webpage that has a HTML form. The method is POST. When the HTML form is loaded, run a javascript which reads the CSRF token cookie value in the browser and add a hidden field to the HTML form modifying the DOM.  Script When the form is submitted to the action,
Read more