A cross-site request forgery (CSRF) hole exists when a malicious site can cause a visitor's browser to make a request to your server that causes a change on the server. Because the request comes with the user's cookies, the server assumes the user wanted to submit that form.
Depending on which forms on your site are vulnerable, an attacker might be able to do the following to your victims:
- Log the victim out of your site. (On some sites, "Log out" is a link rather than a button!)
- Change the victim's site preferences on your site. (Example: Google)
- Post a comment on your site using the victim's login.
- Transfer funds to another user's account.
Attacks can also be based on the victim's IP address rather than cookies:
- Post an anonymous comment that is shown as coming from the victim's IP address.
- Modify settings on a device such as a wireless router or cable modem.
- Modify an intranet wiki page.
- Perform a distributed password-guessing attack without a botnet. (This assumes they have a way to tell whether the login succeeded, perhaps by submitting a second form that isn't protected against CSRF.)
CSRF attacks usually involve JavaScript to submit the cross-site form automatically. It is possible for a malicious site to make a user submit a form to another site even without JavaScript, however: form fields can be hidden and buttons can be disguised as links or scrollbars.
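The cookie-based case from the opening paragraph, as an added example that is not part of the original article: a handler that trusts the cookie alone, next to one that also requires a per-session token and refuses state changes on GET (the "Log out is a link" case). The token check is a common defence the article does not itself describe; the handler names, session store and request values are constructed for illustration.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # per-deployment secret (constructed)
SESSIONS = {"sess-alice": "alice"}     # constructed session store: cookie -> user
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}

def csrf_token(session_id: str) -> str:
    """Token bound to the session; embedded as a hidden field in our own forms."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def handle_vulnerable(method, cookies, form):
    """Trusts the cookie alone, so any page that makes the browser send
    this request acts as the logged-in user."""
    user = SESSIONS.get(cookies.get("session", ""))
    if user is None:
        return 403, "not logged in"
    return 200, f"{user}: {form.get('action')} applied"

def handle_hardened(method, cookies, form):
    """Also requires proof that the form was served by this site."""
    session_id = cookies.get("session", "")
    user = SESSIONS.get(session_id)
    if user is None:
        return 403, "not logged in"
    if method in SAFE_METHODS:
        # State changes (including "log out") are never performed on GET.
        return 405, "state change requires POST"
    sent = form.get("csrf_token", "").encode()
    if not hmac.compare_digest(sent, csrf_token(session_id).encode()):
        return 403, "missing or invalid CSRF token"
    return 200, f"{user}: {form.get('action')} applied"

# Constructed requests. The browser attaches the cookie in both cases;
# only the form served by our own site carries the token.
COOKIES = {"session": "sess-alice"}
FORGED = {"action": "change_preferences"}
GENUINE = {"action": "change_preferences", "csrf_token": csrf_token("sess-alice")}

if __name__ == "__main__":
    print(handle_vulnerable("POST", COOKIES, FORGED))
    print(handle_hardened("POST", COOKIES, FORGED))
    print(handle_hardened("GET", COOKIES, GENUINE))
    print(handle_hardened("POST", COOKIES, GENUINE))
```

A session-bound token does not cover the anonymous, IP-address-based cases listed above, because those requests carry no session to bind the token to.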
All Articles by GentleGiant