WHAT IS CSRF ATTACK AND HOW TO HACK WEBSITE USING CSRF ?
WHAT IS CSRF ATTACK AND HOW TO HACK WEBSITE USING CSRF ?
Hey everyone so here is a brief tutorial on CSRF Attack and things that you want to know about it.
Now Cross Site Request Forgery Attack is also known as CSRF or XSRF in short.Don't confuse Yourself with Cross Site Scripting attack(XSS) because both are very different ok,So Like SQL injection and XSS, CSRF is also one in top 10 OWASP web vulnerabilities for many years.
What is Cross Site Request Forgery Attack?
Cross Site Request Forgery or CSRF is an attack method in which attacker exploit users' active session in the browser without the permission of innocent user. By using victim's browser session, attacker sends valid requests to a website that perform some action in users' account. User will not be able to know that the request has been sent from his browser. An Attacker uses some third party innocent websites to generate these valid requests from user’s browser.
EX: If a form on a website can also be submitted from some other website, It is vulnerable to CSRF. Suppose there is a form on a vulnerable website
(http://www.vulnerablesite.com/vulnerable.php)
And I made a duplicate form on my local host
I am able to submit the form by using the form on my localhost, the website is vulnerable to the CSRF attack This attack uses user's session to perform malicious task, so it is also known as "Session Riding attack." Sometimes it is hard to understand how this attack works in real life. So I am explaining it with the help of a example.
Have A Look into VIDEO If You want better explanation
CSRF Video Link Here
Suppose if an online payment website like Paypal has CSRF vulnerability(This just example okay). Attacker A want to exploit CSRF vulnerability of this website and attack on victim B. For this he use some third party website. Innocent User B login into his account to do check the balance and then switch to a new tab without logging out from the older tab. Session is active on the browser.
Attacker A had posted a link or image in a website that on load submits the payment transfer form to transfer money to the attacker's account by using active session. As the request came from user's browser by his session, CSRF vulnerable website will transfer the fund.
Difference beetween CSRF And XSS ?
I have seen any people have a confusion inn between CSRF and XSS attack.Let me make it clear both are different topic in security, In XSS attacker exploit the trust of users on website. So we inject malicious script and user believes on it just because he see a valid website URL. Unlike XSS, in CSRF attacker exploits the website's trust on the browser. In this, a website thinks that a request came from the user's browser is made by user itself.
But in the end Both vulnerabilities are serious enough.
Protection Tips against CSRF attack:
Many people thinks that limiting against XSS also limits CSRF. But this is not true. We have to make so many things to limit the attack.
There are many ways to protect the CSRF attack. Some important ways are given below:
Checking the HTTP Referrer header website. If it is a different domain, deny the request.
Limiting the lifetime of authentication cookies. If user is inactive for some fixed time, the session must be expired.
Limit the damage by authenticating each request made by user.
Use of random token for each session.
If you like this post do leave a comment or if you want a live demonstration or site for practice leave a comment :)
Hey everyone so here is a brief tutorial on CSRF Attack and things that you want to know about it.
Now Cross Site Request Forgery Attack is also known as CSRF or XSRF in short.Don't confuse Yourself with Cross Site Scripting attack(XSS) because both are very different ok,So Like SQL injection and XSS, CSRF is also one in top 10 OWASP web vulnerabilities for many years.
What is Cross Site Request Forgery Attack?
Cross Site Request Forgery or CSRF is an attack method in which attacker exploit users' active session in the browser without the permission of innocent user. By using victim's browser session, attacker sends valid requests to a website that perform some action in users' account. User will not be able to know that the request has been sent from his browser. An Attacker uses some third party innocent websites to generate these valid requests from user’s browser.
EX: If a form on a website can also be submitted from some other website, It is vulnerable to CSRF. Suppose there is a form on a vulnerable website
(http://www.vulnerablesite.com/vulnerable.php)
And I made a duplicate form on my local host
I am able to submit the form by using the form on my localhost, the website is vulnerable to the CSRF attack This attack uses user's session to perform malicious task, so it is also known as "Session Riding attack." Sometimes it is hard to understand how this attack works in real life. So I am explaining it with the help of a example.
Have A Look into VIDEO If You want better explanation
CSRF Video Link Here
Suppose if an online payment website like Paypal has CSRF vulnerability(This just example okay). Attacker A want to exploit CSRF vulnerability of this website and attack on victim B. For this he use some third party website. Innocent User B login into his account to do check the balance and then switch to a new tab without logging out from the older tab. Session is active on the browser.
Attacker A had posted a link or image in a website that on load submits the payment transfer form to transfer money to the attacker's account by using active session. As the request came from user's browser by his session, CSRF vulnerable website will transfer the fund.
Difference beetween CSRF And XSS ?
I have seen any people have a confusion inn between CSRF and XSS attack.Let me make it clear both are different topic in security, In XSS attacker exploit the trust of users on website. So we inject malicious script and user believes on it just because he see a valid website URL. Unlike XSS, in CSRF attacker exploits the website's trust on the browser. In this, a website thinks that a request came from the user's browser is made by user itself.
But in the end Both vulnerabilities are serious enough.
Protection Tips against CSRF attack:
Many people thinks that limiting against XSS also limits CSRF. But this is not true. We have to make so many things to limit the attack.
There are many ways to protect the CSRF attack. Some important ways are given below:
Checking the HTTP Referrer header website. If it is a different domain, deny the request.
Limiting the lifetime of authentication cookies. If user is inactive for some fixed time, the session must be expired.
Limit the damage by authenticating each request made by user.
Use of random token for each session.
If you like this post do leave a comment or if you want a live demonstration or site for practice leave a comment :)