Deal with top security vulnerabilities

Cross-site request forgery is an attack in which an attacker causes a user's browser to perform an action the user did not intend on a site where the user is authenticated and which the attacker does not control.
For this reason, cross-site request forgery (or CSRF) is often referred to as a drive-by attack: as the user "drives by" an attacker-controlled page, their browser is told to do things on a different, target website. In the classic example, a user who is logged in to their bank visits the attacker's page, which silently submits a transfer request to the bank; the browser attaches the user's session cookie automatically, so the bank treats the request as the user's own. In 2013 a CSRF vulnerability in Facebook's email change functionality could let an attacker take over a user's account. CSRF attacks are also known by a number of other names, including XSRF, "Sea Surf", Session Riding, Cross-Site Reference Forgery, and Hostile Linking. Microsoft refers to this type of attack as a One-Click attack in its threat modeling process and in many places in its online documentation.

Cross-site scripting (XSS) is the number 1 web vulnerability in the ranking below; if you write web software you should know it. Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced "sea-surf") or XSRF, is a type of malicious exploit of a website in which unauthorized commands are transmitted from a user that the website trusts. Unlike cross-site scripting, which exploits the trust a user has in a particular site, CSRF exploits the trust that a site has in a user's browser, and specifically in the cookies that browser sends automatically with every request to the site.

Here is a quick demo of how to discover an injection vulnerability and the tools used to fix it.

Bug bounty programs at large sites such as Facebook.com pay for reports of this class of vulnerability; payouts of around $12,000 have been made. See the video for a more detailed explanation of how it works: Cracking Websites with Cross Site Scripting - Computerphile

In order to avoid this vulnerability, sites should require an anti-forgery token in every state-changing request and verify it on the server: the token must be unpredictable, bound to the user's session, and delivered in the page or form rather than in a cookie, because cookies are exactly what the browser sends on the attacker's behalf. At the same time, any action that affects a user should be sent as a POST request, so that a simple link or image tag cannot trigger it; POST alone is not sufficient, since the attacker's page can auto-submit a form, which is why the token is required as well. Setting session cookies with the SameSite attribute and checking the Origin header are useful additional layers. To check for CSRF, look for requests to the server that change state and can be repeated from another origin, that is, requests which contain no value the attacker cannot obtain (the session cookie does not count, because the browser adds it automatically).
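The following is an added example, not code from the original page, that models the bank-transfer scenario above: a hardened transfer endpoint using a per-session synchronizer token, a POST-only rule and an Origin check, replayed against a drive-by GET, an attacker's auto-submitted form, a guessed token and a genuine submission. The origins, the session and request classes, and the ledger are all constructed for the example; a real application would get the session from its framework and the headers from the HTTP layer.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Hypothetical origins for the example: the target site and the attacker's page.
SITE_ORIGIN = "https://bank.example"
ATTACKER_ORIGIN = "https://evil.example"


@dataclass
class Session:
    """Server-side session looked up from the cookie the browser sends automatically."""
    user: str
    # Synchronizer token: unpredictable, generated per session, never placed in a cookie.
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    method: str
    session: Optional[Session]            # None when no valid session cookie arrived
    form: Dict[str, str] = field(default_factory=dict)
    headers: Dict[str, str] = field(default_factory=dict)


def render_transfer_form(session: Session) -> str:
    """The legitimate page embeds the session's token in a hidden field."""
    return (
        f'<form method="POST" action="{SITE_ORIGIN}/transfer">'
        f'<input type="hidden" name="csrf_token" value="{session.csrf_token}">'
        '<input name="to"><input name="amount"><button>Send</button></form>'
    )


def attacker_page() -> str:
    """Constructed attacker HTML: auto-submits a transfer without knowing the token.
    The victim's browser would still attach the bank session cookie to this POST."""
    return (
        f'<form id="f" method="POST" action="{SITE_ORIGIN}/transfer">'
        '<input type="hidden" name="to" value="attacker">'
        '<input type="hidden" name="amount" value="1000"></form>'
        '<script>document.getElementById("f").submit()</script>'
    )


def handle_transfer(req: Request, ledger: Dict[str, int]) -> Tuple[int, str]:
    """State-changing endpoint. Returns (HTTP status, message)."""
    # 1. Only POST may change state: a GET reachable through <img src=...> must never move money.
    if req.method != "POST":
        return 405, "method not allowed"
    if req.session is None:
        return 401, "not logged in"
    # 2. Defense in depth: a form submitted from another site carries that site's Origin header.
    origin = req.headers.get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return 403, "cross-origin request rejected"
    # 3. The token must equal the one bound to this session; compare in constant time.
    submitted = req.form.get("csrf_token", "")
    if not hmac.compare_digest(submitted, req.session.csrf_token):
        return 403, "missing or invalid csrf token"
    to, amount = req.form["to"], int(req.form["amount"])
    ledger[req.session.user] = ledger.get(req.session.user, 0) - amount
    ledger[to] = ledger.get(to, 0) + amount
    return 200, f"sent {amount} to {to}"


def run_scenarios() -> Dict[str, int]:
    """Replay four requests against the hardened endpoint and return their statuses."""
    alice = Session(user="alice")
    ledger = {"alice": 5000}
    # (a) Drive-by GET: <img src="https://bank.example/transfer?to=attacker&amount=1000">
    get_drive_by = Request("GET", alice, {"to": "attacker", "amount": "1000"})
    # (b) Attacker's auto-submitted POST: cookie present, Origin is the attacker's, no token.
    forged_post = Request("POST", alice, {"to": "attacker", "amount": "1000"},
                          {"Origin": ATTACKER_ORIGIN})
    # (c) Attacker guesses a token and the request arrives without an Origin header.
    guessed_token = Request("POST", alice, {"to": "attacker", "amount": "1000",
                                            "csrf_token": secrets.token_urlsafe(32)})
    # (d) Genuine submission of the form the site rendered for alice.
    genuine = Request("POST", alice,
                      {"to": "bob", "amount": "100", "csrf_token": alice.csrf_token},
                      {"Origin": SITE_ORIGIN})
    results = {}
    for name, req in [("get_drive_by", get_drive_by), ("forged_post", forged_post),
                      ("guessed_token", guessed_token), ("genuine", genuine)]:
        results[name] = handle_transfer(req, ledger)[0]
    results["alice_balance"] = ledger["alice"]
    return results


if __name__ == "__main__":
    print(run_scenarios())
```

Only the genuine submission succeeds: the drive-by GET is refused by the method check, the forged form is refused by the Origin check and, even when that header is absent, a guessed token fails the constant-time comparison because the real token lives only in the server-side session and in the page the site rendered for its own user.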

Cross-Site Request Forgery (CSRF) is a type of attack that occurs when a malicious web site, email, blog, instant message, or program causes a user's web browser to perform an unwanted action on a trusted site on which the user is currently authenticated. The impact of a successful cross-site request forgery attack is limited to the capabilities exposed by the vulnerable application. For example, this attack could result in a transfer of funds, a changed password, or a purchased item in the user's context. In effect, CSRF attacks are used by an attacker to make a target system perform a function (funds transfer, form submission, etc.) via the target's browser without the knowledge of the target user, at least until the unauthorized function has been committed.

  • #TOP 1 attack in the web: Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.
  • #TOP 2 attack in the web: SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).
  • #TOP 3 attack in the web: Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced "sea-surf") or XSRF, is a type of malicious exploit of a website in which unauthorized commands are transmitted from a user that the website trusts.

References

https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF) 

https://www.owasp.org/index.php/Testing_for_CSRF_(OWASP-SM-005) 

https://en.wikipedia.org/wiki/Cross-site_request_forgery

Summary

As the examples above show, CSRF is no longer an issue that can be neglected in today's web application arena. CSRF combined with the HPP (HTTP Parameter Pollution) attack vector can even bypass browser-based filters, web application firewalls, and defenses employed in applications. Tools to identify and prepare CSRF attacks are readily available. Make sure that you patch security holes and check for the most common attacks.
