PowerPoint Slideshow about 'Cross-site request forgery' - mandell

Presentation Transcript
Cross-site request forgery

(CSRF, XSRF, One-click attack, session riding)

Intro – what is CSRF?
  • CSRF is a request that the victim's browser sends to a web server at the attacker's instigation, carrying the victim's own credentials (typically the session cookie), so the server cannot determine whether the request came from the user or from an attacker.
Example

Bill is logged in to his bank, so his browser holds a session cookie for mybank.com. While still logged in, he visits his favorite forum/blog (or Facebook), where the attacker has posted an image tag.

Requests Bill's browser makes to the bank when he uses it himself:

http://mybank.com/showaccount?id=bill

http://mybank.com/withdraw?from=bill&amount=10000&for=someguy

What the attacker puts in the forum post:

<img src=http://mybank.com/withdraw?from=bill&amount=10000&for=someguy />

When the forum page renders, the browser fetches the image URL and attaches Bill's bank session cookie, so the bank executes the withdrawal exactly as if Bill had requested it.

How to protect yourselves
  • Use POST instead of GET for anything that changes data. This defeats the <img> trick, since an image tag can only issue a GET, but it does not stop CSRF on its own: the attacker's page can host a <form method="post"> that a script submits automatically, and the browser sends it with the victim's cookies just the same.
  • Limit the lifetime of session cookies, so the victim is less likely to still be logged in when the forged request arrives.
  • Re-authenticate (ask for the password again) on important requests such as transfers.
  • Save a unique, unpredictable ID in the session, embed it as a hidden field in every form, and verify it on each state-changing request. The attacker's page cannot read the ID because of the same-origin policy, so a forged request will not carry it.
Example

<?php
session_start();

// One unpredictable token per session. It is emitted as a hidden field in every
// form the application renders, e.g.
//   <input type="hidden" name="UNIQUEID" value="<?= htmlspecialchars($_SESSION['UNIQUEID']) ?>">
if (empty($_SESSION['UNIQUEID'])) {
    $_SESSION['UNIQUEID'] = createRandomKey();
}

// Every state-changing request must be a POST that carries the session's token.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $supplied = isset($_POST['UNIQUEID']) ? (string) $_POST['UNIQUEID'] : '';
    // hash_equals() is a strict, constant-time comparison; the loose != is neither.
    if (!hash_equals($_SESSION['UNIQUEID'], $supplied)) {
        exit('not a valid request');
    }
}

function createRandomKey() {
    $keyset  = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    $randkey = "";
    $amount  = 32;
    for ($i = 0; $i < $amount; $i++) {
        // random_int() is a CSPRNG; rand() is predictable and must not be used for tokens.
        $randkey .= $keyset[random_int(0, strlen($keyset) - 1)];
    }
    return $randkey;
}
?>
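Added example, not part of the slides: a Python simulation of the Example slides (Bill, his browser, the forum post, mybank.com) and of the synchronizer-token defence from the last two slides, so that the effect of each protection can be observed end to end. The Bank and Browser classes, the balances, the status codes and the contents of the attacker's forum post are all constructed for this example; mybank.com is the hypothetical bank the slides use.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlsplit

BANK_HOST = "mybank.com"


class Bank:
    """Stand-in for mybank.com: sessions, balances and a /withdraw handler."""

    def __init__(self, require_token):
        self.require_token = require_token
        self.sessions = {}                  # session id -> {"user": ..., "csrf": ...}
        self.balances = {"bill": 20000, "someguy": 0}

    def login(self, user):
        sid = secrets.token_urlsafe(16)
        # One token per session from a CSPRNG; the slide's rand() is predictable.
        self.sessions[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
        return sid

    def csrf_token(self, sid):
        # Emitted as a hidden field in the bank's own forms; the same-origin
        # policy stops the forum page from reading it.
        return self.sessions[sid]["csrf"]

    def handle(self, method, url, cookies, form=None):
        """Process one request and return an HTTP-like status code."""
        parts = urlsplit(url)
        sess = self.sessions.get(cookies.get("session"))
        if sess is None:
            return 401
        if parts.path != "/withdraw":
            return 404
        if method == "GET":
            params = {k: v[0] for k, v in parse_qs(parts.query).items()}
        else:
            params = dict(form or {})
        if self.require_token:
            if method != "POST":
                return 405                  # a GET must never change state
            # Constant-time comparison; the PHP slide's loose != is neither.
            if not hmac.compare_digest(params.get("UNIQUEID", ""), sess["csrf"]):
                return 403
        amount = int(params.get("amount", "0"))
        payer = sess["user"]                # from the session, never from from=
        if amount <= 0 or self.balances[payer] < amount:
            return 400
        self.balances[payer] -= amount
        self.balances[params["for"]] = self.balances.get(params["for"], 0) + amount
        return 200


class Browser:
    """Bill's browser: sends the mybank.com cookie with every request to that host."""

    def __init__(self, bank):
        self.bank = bank
        self.cookies = {}                   # host -> {cookie name: value}

    def login_to_bank(self, user):
        self.cookies[BANK_HOST] = {"session": self.bank.login(user)}

    def request(self, method, url, form=None):
        # Cookies are chosen by destination host, whatever page triggered the request.
        jar = self.cookies.get(urlsplit(url).hostname, {})
        return self.bank.handle(method, url, jar, form)

    def render(self, page):
        """Load a forum page: <img> causes a GET, an auto-submitted form a POST."""
        statuses = []
        for el in page:
            if el["tag"] == "img":
                statuses.append(self.request("GET", el["src"]))
            elif el["tag"] == "form":
                statuses.append(self.request("POST", el["action"], el["fields"]))
        return statuses


# Constructed: the attacker's post on Bill's favourite forum/blog. The form
# stands for one that a script on the page submits as soon as it loads.
ATTACKER_POST = [
    {"tag": "img",
     "src": "http://mybank.com/withdraw?from=bill&amount=10000&for=someguy"},
    {"tag": "form", "action": "http://mybank.com/withdraw",
     "fields": {"from": "bill", "amount": "10000", "for": "someguy"}},
]


def visit_forum(require_token):
    """Bill logs in, then opens the forum page: (forged statuses, Bill's balance)."""
    bank = Bank(require_token)
    browser = Browser(bank)
    browser.login_to_bank("bill")
    return browser.render(ATTACKER_POST), bank.balances["bill"]


def legitimate_withdraw():
    """Bill submits the bank's own form, which carries the hidden UNIQUEID."""
    bank = Bank(require_token=True)
    browser = Browser(bank)
    browser.login_to_bank("bill")
    token = bank.csrf_token(browser.cookies[BANK_HOST]["session"])
    fields = {"amount": "10000", "for": "someguy", "UNIQUEID": token}
    return browser.request("POST", "http://mybank.com/withdraw", fields), bank.balances["bill"]
```

Without the token check, visit_forum(False) returns ([200, 200], 0): the image tag and the auto-submitted form both move Bill's money, which is why switching to POST removes only the first. With the check, visit_forum(True) returns ([405, 403], 20000), and legitimate_withdraw() returns (200, 10000), because only the bank's own form carries the token.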