Definition: "CSRF / XSRF (Cross-Site Request Forgery) is a type of web application vulnerability that allows a malicious website to send unauthorized requests to a vulnerable website using active sessions of its authorized users." --- Samvel Gevorgyan
OWASP describes CSRF as .... CSRF is an attack that tricks the victim into loading a page that contains a malicious request. It is malicious in the sense that it inherits the identity and privileges of the victim to perform an undesired function on the victim's behalf, like changing the victim's e-mail address, home address, or password, etc.
So basically CSRF attacks target functions that cause a state change on the server, but they can also be used to access sensitive data.
Prevention techniques that SUCK !!!
✗ Secret cookies
✗ Accepting only POST requests
✗ Multi-step transactions
Then how do we prevent it ??
"Adding any unpredictable parameter to the requests should solve the problem............... What say ??"
Some prevention techniques that DO NOT SUCK ...
✔ Challenge-Response:
  ➢ Re-authentication.
  ➢ Implement CAPTCHAs.
✔ Synchronizer Token Pattern
Synchronizer Token Pattern
It's a server-side solution.
Concept: Establish a token on the server side that indicates a valid submission, and give a token signature to the client that corresponds to that token (most likely in a hidden input field). When the client submits their form, the server validates their token and proceeds. It then marks the token as invalid so it may not be used again. The result is that any given form may only be used once and then will not work again.
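A minimal implementation of the pattern described above, added here as an example (it is not code from the slides or from the referenced wiki). The store class, the session ids and the /change-email handler are assumed names; the token is generated server-side, bound to the user's session, placed in a hidden field, and invalidated the first time it is consumed:

```python
import hmac
import secrets
from html import escape

# Added example: single-use synchronizer tokens kept server-side, per session.
# In a real application the store would live in the session backend or a DB.

class SynchronizerTokenStore:
    def __init__(self):
        self._unused = {}  # session_id -> set of tokens not yet consumed

    def issue(self, session_id):
        token = secrets.token_urlsafe(32)  # 256 bits, unpredictable to a third-party site
        self._unused.setdefault(session_id, set()).add(token)
        return token

    def consume(self, session_id, submitted):
        """Return True exactly once for a token issued to this session, then never again."""
        if not isinstance(submitted, str):
            return False
        match = None
        for token in self._unused.get(session_id, ()):
            # constant-time comparison; a token from another session never matches
            if hmac.compare_digest(token.encode(), submitted.encode()):
                match = token
        if match is None:
            return False
        self._unused[session_id].discard(match)  # mark invalid: single use
        return True


def render_form(store, session_id):
    """GET /change-email (assumed route): embed a fresh token as a hidden input."""
    token = store.issue(session_id)
    return ('<form method="POST" action="/change-email">'
            f'<input type="hidden" name="csrf_token" value="{escape(token)}">'
            '<input name="email"><button>Save</button></form>')


def handle_change_email(store, session_id, form):
    """POST /change-email: validate and consume the token before any state change."""
    if not store.consume(session_id, form.get("csrf_token")):
        return 403, "invalid, missing or reused CSRF token"
    # ... only now apply the state change for this session ...
    return 200, f"email changed to {form.get('email')}"
```

A forged cross-site request carries the victim's session cookie but cannot know the token, so it fails at the 403 branch; a replay of a captured form fails the same way because the token was consumed.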
Control Flow
Ref: http://pg-server.csc.ncsu.edu/mediawiki/index.php/Image:Positive_flow.png
Control flow with invalid tokens
Ref: http://pg-server.csc.ncsu.edu/mediawiki/index.php/Image:Negative_flow.png