CSRF - Cross Site Request Forgery

CSRF refers to an attack against authenticated web applications using Cookies wherein an attacker is able to trick a victim into making a request that the victim did not intend to make.  With CSRF an attacker abuses the trust a web application has with a victim’s browse and can perform unintended actions on the application within the user context and privilege level.

During a Cross-site Request Forgery (CSRF) attack, the victim’s browser is tricked into sending HTTP requests to the web application as intended by the attacker, normally, such a request would involve submitting forms present on the web application to alter some data.  If the victim is a normal user, a successful CSRF attack can force the user to perform state changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application.

A real world example was found in ebay (2004) where it was possible to craft a URL that cause the requesting user to make a bid on an auction site.  A third party website could cause visitors to request this URL, so that any user who visited the website would end up placing a bid.

External Resources

https://www.youtube.com/watch?v=hW2ONyxAySY - Troy hunt 30min explanation with example.