Wednesday, August 17, 2011

WebGoat - CSRF


Attack process:
Show as following picture.
1st, Victim has authenticated with WEB Server,
2nd, at the same time, the Attacker send a malicious link to fool victim to click
3rd, If the victim click the malicious link... the transfer will be happened underground.

In this case, we just post a massage with malicious code:

Title: my new picture
Message: <img src="" height=0 width=0 />

If the victim click the Title (my new picture), the transfer will be triggered.
The victim's browser will try to load the image file (height=0 and width=0 will make the picture to be invisible), then it will send forged request to the URL in "src" tag (with the victim's authentication info).


1 comment:

  1. Great article it explains CSRF without getting too stuck in the weeds