Cross-Site Request Forgery (CSRF) is a type of web security vulnerability that allows an attacker to trick a user into performing unintended actions on a web application where they are authenticated. This article explores what CSRF attacks are, how they work, their potential impact, and effective strategies to prevent them.
What is a CSRF Attack?
CSRF, also known as “session riding” or “XSRF,” exploits the trust that a web application has in a user’s browser. When a user is authenticated with a website (e.g., through a session cookie), the browser automatically attaches those credentials to every request sent to that site, regardless of which page caused the request to be made. A CSRF attack abuses this behavior by inducing the user’s browser to submit a request the user never intended, such as changing account details, transferring funds, or performing other sensitive actions. Because the server only sees a well-formed request carrying valid credentials, it cannot distinguish the forged request from one the user made deliberately.
For example, imagine a user is logged into their banking website. If they visit a malicious site or click a crafted link while still authenticated, the attacker could trigger a request to the banking site (e.g., to transfer money) using the user’s session, without the user realizing it.
How CSRF Attacks Work
A typical CSRF attack follows these steps:
- User Authentication: The victim logs into a legitimate website, and their browser stores a session cookie (or another credential the browser attaches automatically, such as HTTP Basic authentication). Credentials that must be added by application code, such as a bearer token kept in local storage, are not sent automatically and so are not exposed in this way.
- Malicious Request: The attacker tricks the user into interacting with a malicious website, email, or link. This could be through social engineering, such as clicking a link in a phishing email or visiting a compromised webpage.
- Forged Request: The malicious site causes the victim’s browser to send a request (e.g., via an auto-submitting hidden form, an image tag whose src points at the target URL, or JavaScript) to the target website, and the browser attaches the user’s existing session credentials to it.
- Action Execution: The target website processes the request as legitimate because it carries the user’s valid session credentials, executing the attacker’s intended action. The same-origin policy stops the attacker from reading the response, so CSRF is used to perform state-changing actions, not to steal data.
For instance, if a banking site transfers money via a POST request to /transfer with the form body amount=1000&to=attacker_account, and checks nothing beyond the session cookie, an attacker can craft a malicious webpage containing a hidden form with those fields that submits itself when the user visits the page.
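The sequence above, as an added worked example that is not code from the original article. It simulates the banking site in-process (the BankApp class, the host bank.example, the account names and the balances are all constructed for this example), builds the attacker’s page with a hidden auto-submitting form, and emulates the one browser behavior that makes CSRF work: the form is posted to bank.example with the victim’s session cookie attached, even though the page that submitted it came from somewhere else. The same code also shows the effect of a per-session CSRF token check, so the forged request and a legitimate one can be compared side by side.

```python
"""Simulated CSRF attack against a bank that trusts the session cookie alone.

Everything here (BankApp, bank.example, the users and balances) is constructed
for illustration; it is not the code of any real banking application.
"""
import secrets
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlencode, urlparse


class BankApp:
    """Minimal stand-in for the target website."""

    def __init__(self, require_csrf_token=False):
        self.require_csrf_token = require_csrf_token
        self.sessions = {}      # session id -> username
        self.csrf_tokens = {}   # session id -> secret token tied to that session
        self.balances = {"alice": 5000, "attacker": 0}

    def login(self, user):
        """Step 1: the victim logs in and receives a session cookie value."""
        sid = secrets.token_hex(16)
        self.sessions[sid] = user
        self.csrf_tokens[sid] = secrets.token_hex(16)
        return sid

    def transfer_form(self, sid):
        """The bank's own transfer page; in hardened mode it embeds the token."""
        token_field = ""
        if self.require_csrf_token:
            token_field = (f'<input type="hidden" name="csrf_token" '
                           f'value="{self.csrf_tokens[sid]}">')
        return (f'<form action="https://bank.example/transfer" method="POST">'
                f'{token_field}<input type="hidden" name="amount" value="250">'
                f'<input type="hidden" name="to" value="attacker"></form>')

    def handle(self, method, path, cookies, body):
        """Step 4: process one request exactly as the server sees it."""
        if method != "POST" or path != "/transfer":
            return 404, "not found"
        user = self.sessions.get(cookies.get("session"))
        if user is None:
            return 401, "login required"
        form = {k: v[0] for k, v in parse_qs(body).items()}
        # Only the hardened variant checks something the attacker cannot obtain.
        if self.require_csrf_token:
            expected = self.csrf_tokens[cookies["session"]]
            if not secrets.compare_digest(form.get("csrf_token", ""), expected):
                return 403, "missing or invalid CSRF token"
        amount, to = int(form["amount"]), form["to"]
        if to not in self.balances or self.balances[user] < amount:
            return 400, "transfer rejected"
        self.balances[user] -= amount
        self.balances[to] += amount
        return 200, f"transferred {amount} to {to}"


# Step 2: the page the attacker lures the victim into loading (constructed).
ATTACKER_PAGE = """<html><body>
<form id="f" action="https://bank.example/transfer" method="POST">
  <input type="hidden" name="amount" value="1000">
  <input type="hidden" name="to" value="attacker">
</form>
<script>document.getElementById("f").submit();</script>
</body></html>"""


class FormParser(HTMLParser):
    """Extract the first form's action, method and input fields from a page."""

    def __init__(self):
        super().__init__()
        self.action, self.method, self.fields = None, "GET", {}

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form" and self.action is None:
            self.action = a.get("action", "")
            self.method = a.get("method", "GET").upper()
        elif tag == "input" and "name" in a:
            self.fields[a["name"]] = a.get("value", "")


def browser_submits(app, page_html, cookie_jar):
    """Step 3: emulate the browser submitting the page's form. The cookies for
    the form's target host are attached no matter which site served the page."""
    p = FormParser()
    p.feed(page_html)
    target = urlparse(p.action)
    cookies = cookie_jar.get(target.hostname, {})
    return app.handle(p.method, target.path, cookies, urlencode(p.fields))


def run_attack(require_csrf_token):
    """Victim logs in, then loads the attacker's page. Returns (status, balances)."""
    app = BankApp(require_csrf_token)
    jar = {"bank.example": {"session": app.login("alice")}}
    status, _ = browser_submits(app, ATTACKER_PAGE, jar)
    return status, app.balances["alice"], app.balances["attacker"]


def run_legitimate_transfer(require_csrf_token):
    """Same flow, but the form comes from the bank's own page (token included)."""
    app = BankApp(require_csrf_token)
    sid = app.login("alice")
    jar = {"bank.example": {"session": sid}}
    status, _ = browser_submits(app, app.transfer_form(sid), jar)
    return status, app.balances["alice"], app.balances["attacker"]


if __name__ == "__main__":
    print("vulnerable bank, forged request:", run_attack(False))
    print("hardened bank, forged request:  ", run_attack(True))
    print("hardened bank, own form:        ", run_legitimate_transfer(True))
```

Running the script prints a successful 1000 transfer against the vulnerable bank and a 403 against the hardened one, while the bank's own form still works because it carries the token. The attacker’s page cannot include that token: it lives only in a response from bank.example, which the attacker’s origin is not allowed to read.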
A demonstration of a CSRF attack on a vulnerable web application is shown in the next part of this series.