Learning Web Security Cross Site Request Forgery CSRF Practical Way - Loyal Code Lab


Friday, 18 January 2019

Learning Web Security Cross Site Request Forgery CSRF Practical Way

This article covers the practical working of this attack and how to stay safe from it.
In the first part we discussed the basics of Web security Cross Site Request Forgery CSRF.


Practical Way of CSRF attack on website:

There are many ways in which a user can be tricked into loading information from or submitting form data to a web application. Let us consider the following example: John wishes to transfer $800 to Snehal using the myebank.co.in web application, which is vulnerable to CSRF. Haxor, an attacker, wants to trick John into sending the money to him instead.

The attack will comprise the following steps:
1. building an exploit URL or script
2. tricking John into executing the action with social engineering.


Using HTTP-GET Request:

If the application was developed to accept only HTTP-GET for passing parameters and executing actions, the money transfer operation might be reduced to a request like:

GET http://myebank.co.in/transfer.php?acct=Snehal&amount=800 HTTP/1.1

Haxor now decides to exploit this web application vulnerability using John as his victim. Haxor first constructs the following exploit URL, which will transfer $800,000 from John's account to his own account: he takes the original command URL, replaces the beneficiary name with himself, and raises the transfer amount significantly at the same time:

http://myebank.co.in/transfer.php?acct=Haxor&amount=800000




The social engineering aspect of the attack tricks John into loading this URL while he is logged into the bank application.

Using HTTP-POST Request:

If the application accepts the transfer only via HTTP-POST, the same operation looks like:

POST http://myebank.co.in/transfer.php HTTP/1.1

acct=snehal&amount=800

Modern browsers do not let a page from another site read or crack the bank's cookies; the attacker has to rely on the browser sending them along with the forged request instead. CORS is also used to defend against cross-origin access; the permissive, wildcard form of the relevant header is:

Access-Control-Allow-Origin: *

Note that the wildcard permits every origin. A restrictive deployment names the trusted origin explicitly instead of using *.
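The post only names the defenses, so here is an added example of a hardened transfer endpoint, written for this page and not taken from the original post or from myebank.co.in. It is a plain Python function that stands in for transfer.php: the request is modelled as a method, a header dictionary and a form body, and the session is a dictionary holding a per-session CSRF token (the synchronizer token pattern). The origin https://myebank.co.in (scheme assumed), the function names, the attacker origin https://evil.example and the starting balance are all constructed for the example.

```python
import hmac
import secrets
from urllib.parse import parse_qs

# Hypothetical origin of the bank; the page only gives the host myebank.co.in.
ALLOWED_ORIGIN = "https://myebank.co.in"


def new_session():
    """Create a server-side session with a fresh, unguessable CSRF token.

    The token is rendered into the bank's own transfer form as a hidden field;
    a page on another site cannot read it, so it cannot forge a valid request.
    """
    return {"user": "John", "csrf_token": secrets.token_hex(32), "balance": 1000}


def handle_transfer(method, headers, body, session):
    """Process a transfer request. Returns (status_code, message).

    Each check alone would stop the forged requests described in this article:
    1. state-changing actions are accepted only over POST, so a link or <img>
       that triggers a GET does nothing;
    2. the Origin (or Referer) header must name the bank itself;
    3. the form must carry the session's CSRF token.
    """
    if method != "POST":
        return 405, "state-changing requests must use POST"

    origin = headers.get("Origin") or headers.get("Referer", "")
    # Origin is scheme://host; Referer is a full URL, hence the two forms.
    if origin != ALLOWED_ORIGIN and not origin.startswith(ALLOWED_ORIGIN + "/"):
        return 403, "cross-site request rejected (bad Origin/Referer)"

    params = {k: v[0] for k, v in parse_qs(body).items()}
    token = params.get("csrf_token", "")
    # Constant-time comparison so the token cannot be guessed byte by byte.
    if not hmac.compare_digest(token, session["csrf_token"]):
        return 403, "missing or invalid CSRF token"

    try:
        amount = int(params.get("amount", "0"))
    except ValueError:
        return 400, "invalid amount"
    if amount <= 0 or amount > session["balance"]:
        return 400, "invalid amount"

    session["balance"] -= amount
    return 200, "transferred %d to %s" % (amount, params.get("acct", ""))


def demo():
    """Replay the article's scenario against the hardened endpoint.

    Returns (legitimate, forged_get, forged_post, remaining_balance).
    """
    session = new_session()

    # John's own submission from the bank's form: carries the token (constructed).
    legitimate = handle_transfer(
        "POST", {"Origin": ALLOWED_ORIGIN},
        "acct=Snehal&amount=800&csrf_token=" + session["csrf_token"], session)

    # The exploit URL from the article, loaded as a GET: no POST, no token.
    forged_get = handle_transfer(
        "GET", {"Referer": "https://evil.example/"},
        "acct=Haxor&amount=800000", session)

    # A hidden form auto-submitted from the attacker's page: the browser sends
    # John's cookie, but the attacker cannot supply the token or a bank Origin.
    forged_post = handle_transfer(
        "POST", {"Origin": "https://evil.example"},
        "acct=Haxor&amount=800000", session)

    return legitimate, forged_get, forged_post, session["balance"]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Only the legitimate request changes the balance; the forged GET fails the method check and the forged POST fails the Origin check before the token is even examined. In a real application the token is generated once per session, embedded in every state-changing form, and verified exactly as above.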


I hope this article was helpful for understanding this attack and the practical way to fix this vulnerability during development of a website.

please do like our FB page and support us... stay tuned with us
