Download
1 / 5
60 likes | 233 Views
Cross-site request forgery. (CSRF, XSRF, One-click attack, session riding). Intro – what is CSRF?. CSRF is a request made to the server that the server is not able to determain is coming from the user or an attacker. Example. Bank. Facebook. Browser. Bill. Favorite Forum/blog.
E N D
Cross-site request forgery (CSRF, XSRF, One-click attack, session riding)
Intro – what is CSRF? • CSRF is a request made to the server that the server is not able to determain is coming from the user or an attacker.
Example Bank Facebook Browser Bill Favorite Forum/blog http://mybank.com/showaccount?id=bill http://mybank.com/withdraw?from=bill&amount=10000&for=someguy <img src=http://mybank.com/withdraw?from=bill&amount=10000&for=someguy />
How to protect yourselves • Use POST instead of GET (when changing data) • Limiting the lifetime of session cookies • Re-authenticate on important requests • Save a unique ID in the session and verify each request
Example <?php session_start(); if(!$_SESSION['UNIQUEID']) { $_SESSION['UNIQUEID'] = createRandomKey(); } if($_POST) { if($_POST['UNIQUEID'] != $_SESSION['UNIQUEID']) { exit('not a valid request'); } } public function createRandomKey() { $keyset = "abcdefghijklmABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; $randkey = ""; $amount = "10"; for ($i=0; $i < $amount; $i++) { $randkey .= substr($keyset, rand(0, strlen($keyset)-1), 1); } return $randkey; } ?>
