Cross-Domain Attacks for Fun and Profit
Now that we have explored the theoretical underpinnings of CSRF vulnerabilities and
discovered a web application with vulnerable methods, let's assemble both a basic and
more advanced CSRF attack.
78 Hacking Exposed Web 2.0
Assembling a CSRF Attack
Although by definition CSRF attack "payloads" are customized for a specific action at a
specific site, the structure of the attack and the majority of the exploit code necessary to take
advantage of these vulnerabilities are highly reusable. Here we will explore the steps an
attacker can take to put together a CSRF attack.
Identify the Vulnerable Method
We have already discussed some of the factors that go into
judging whether a request against a web application may be easily forged across domains.
The authentication method, the predictability of parameter data, the structure of the request,
and the user population for the application all factor into the judgment of whether an
attack is possible. Attackers will weigh this assessment against the benefits gained by
faking the request. In the past, attackers have been motivated by the ability to steal
money, the desire to cause mayhem, and even the prospect of adding thousands of
unwitting users to their social network.
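
A defender can run the same assessment over captured requests to decide which methods need CSRF protection first. The sketch below is an added example, not code from the book; the function names, the token-name pattern, the 16-character threshold and the sample requests are all assumptions made for illustration, and it covers only the three request-level factors, not the user population.

```python
import re
from urllib.parse import parse_qsl

# Content types an HTML form can submit cross-site without a CORS preflight.
FORM_TYPES = {"application/x-www-form-urlencoded", "multipart/form-data", "text/plain"}
# Assumption: names like these usually carry a per-session anti-CSRF value.
TOKEN_NAME = re.compile(r"csrf|xsrf|token|nonce", re.I)

def assess(method, url, headers, body=""):
    """Score one captured request against the three request-level factors."""
    h = {k.lower(): v for k, v in headers.items()}
    ctype = h.get("content-type", "").split(";")[0].strip().lower()
    params = parse_qsl(url.partition("?")[2], keep_blank_values=True)
    if ctype == "application/x-www-form-urlencoded":
        params += parse_qsl(body, keep_blank_values=True)
    # Authentication method: cookies and HTTP auth are attached by the browser itself.
    ambient = "cookie" in h or h.get("authorization", "").lower().startswith(("basic ", "digest "))
    # Predictability: a long token-like parameter or custom header cannot be guessed.
    token = (any(TOKEN_NAME.search(k) and len(v) >= 16 for k, v in params)
             or any(k.startswith("x-") and TOKEN_NAME.search(k) for k in h))
    # Structure: GET, or POST with a form content type, needs no script to send.
    simple = method.upper() == "GET" or (method.upper() == "POST" and ctype in FORM_TYPES)
    return {"ambient_auth": ambient, "unpredictable_token": token,
            "simple_request": simple,
            "needs_csrf_defense": ambient and simple and not token}

# Constructed sample requests; paths, cookies and token values are made up.
FORM = "application/x-www-form-urlencoded"
SAMPLES = {
    "transfer": ("POST", "/transfer", {"Cookie": "sid=abc", "Content-Type": FORM},
                 "to=alice&amount=100"),
    "transfer_with_token": ("POST", "/transfer", {"Cookie": "sid=abc", "Content-Type": FORM},
                            "to=alice&amount=100&csrf_token=9f2c4e7a1b3d5f60718293a4b5c6d7e8"),
    "add_friend": ("GET", "/friends/add?id=42", {"Cookie": "sid=abc"}, ""),
    "api_bearer": ("POST", "/api/transfer",
                   {"Authorization": "Bearer example", "Content-Type": "application/json"},
                   '{"to": "alice", "amount": 100}'),
}

def review(samples=SAMPLES):
    """Names of the sample requests that rely on ambient auth with no unpredictable value."""
    return sorted(n for n, req in samples.items() if assess(*req)["needs_csrf_defense"])

if __name__ == "__main__":
    for name, req in SAMPLES.items():
        print(name, assess(*req))
```

The result is a triage hint only: it sees one captured request, so a handler that would also accept the same action as a form post, or a token the server never validates, still has to be checked by hand.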