CSRF Basics

Published on: null Pune Chapter - August 2012 Meet

Published in: Education, Technology

  1. Csrf / Xsrf Basics -- by Jovin Lobo
  2. Definition: “CSRF / XSRF (Cross-Site Request Forgery) is a type of web application vulnerability that allows a malicious website to send unauthorized requests to a vulnerable website using active sessions of its authorized users.” --- Samvel Gevorgyan
  3. OWASP describes CSRF as .... CSRF is an attack that tricks the victim into loading a page that contains a malicious request. It is malicious in the sense that it inherits the identity and privileges of the victim to perform an undesired function on the victim's behalf, like changing the victim's e-mail address, home address, or password, etc. So basically CSRF attacks target functions that cause a state change on the server, but can also be used to access sensitive data.
  4. Basic Working
  5. DEMO
  6. Prevention techniques that SUCK !!!
     ✗ Secret cookies
     ✗ Accepting only POST requests
     ✗ Multi-step transactions
  7. Then how do we prevent it ?? “Adding any unpredictable parameter to the requests should solve the problem ............... What say ??”
  8. Some prevention techniques that DO NOT SUCK ...
     ✔ Challenge-Response:
        ➢ Re-authentication.
        ➢ Implement CAPTCHAs.
     ✔ Synchronizer Token Pattern
  9. Synchronizer Token Pattern. It's a server-side solution. Concept: establish a token on the server side that indicates a valid submission, and give a token signature to the client that corresponds to that token (most likely in a hidden input field). When the client submits their form, the server validates their token and proceeds. It then marks the token as invalid so it may not be used again. The result is that any given form may only be used once and then will not work again.
  10. Control Flow. Ref: http://pg-server.csc.ncsu.edu/mediawiki/index.php/Image:Positive_flow.png
  11. Control flow with invalid tokens. Ref: http://pg-server.csc.ncsu.edu/mediawiki/index.php/Image:Negative_flow.png
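The synchronizer token pattern and the two control flows above, as an added Python example (not code from the deck): the server issues an unpredictable token bound to the session, the client returns it in a hidden field, and the server accepts it once and then invalidates it. The in-memory session store and the session ids are constructed for the example.

```python
import hmac
import secrets
from typing import Dict, Optional, Set

# Constructed in-memory store: session id -> tokens still valid for that session.
# In a real application this lives in the server-side session (assumption, not the deck's code).
SESSIONS: Dict[str, Set[str]] = {}


def issue_token(session_id: str) -> str:
    """Server side: mint an unpredictable token, remember it for this session, return it."""
    token = secrets.token_urlsafe(32)  # CSPRNG-backed, so a third-party site cannot guess it
    SESSIONS.setdefault(session_id, set()).add(token)
    return token


def hidden_field(token: str) -> str:
    """The token travels back to the server in a hidden input, as slide 9 describes."""
    return '<input type="hidden" name="csrf_token" value="%s">' % token


def validate_and_consume(session_id: str, submitted: Optional[str]) -> bool:
    """Positive flow: a live token for this session is accepted once, then invalidated.
    Negative flow: a missing, foreign, or already-used token is rejected."""
    if submitted is None:
        return False
    live = SESSIONS.get(session_id, set())
    for token in live:
        # Constant-time comparison; bytes so non-ASCII input cannot raise a TypeError.
        if hmac.compare_digest(token.encode(), submitted.encode()):
            live.discard(token)  # single use: replaying the same form fails
            return True
    return False


def demo() -> Dict[str, bool]:
    """Walk both control flows with a constructed session."""
    sid = "session-abc"  # constructed session id
    token = issue_token(sid)
    assert token in hidden_field(token)
    return {
        "first_submit": validate_and_consume(sid, token),          # True: valid, then consumed
        "replay": validate_and_consume(sid, token),                # False: already used
        "missing": validate_and_consume(sid, None),                # False: cross-site form has no token
        "guess": validate_and_consume(sid, secrets.token_urlsafe(32)),  # False: unknown token
        "other_session": validate_and_consume("session-xyz", issue_token(sid)),  # False: bound to session
    }
```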
  12. QUESTIONS ??
  13. References:
     ● https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet
     ● http://tournasdimitrios1.wordpress.com/2012/02/16/preventing-cross-site-request-forgeries-in-php/
     ● http://pg-server.csc.ncsu.edu/mediawiki/index.php/CSC/ECE_517_Fall_2009/wiki2_3_b5
  14. THANK YOU