CSRF in Layman’s tech terms (or as best as possible)

Pronounced "sea surf", it stands for Cross-Site Request Forgery.

Cross-site means two domains are involved: the phishing site that carries the attack and the target domain being attacked. Request means a resource request (a URL, an image, etc.).

What it means is that an attacker places HTML inside a web page or an email that the user is viewing. The page itself looks "safe", and the user believes that too, but the damage is done when a link or, worse, an img URL that loads automatically ends up downloading a torrent file or performing an admin function on another site via the query string, using the user's existing login there.

Example scenario

The end user goes to BusinessSite.com daily to manage users, and they're currently logged in there (the session is kept in a cookie stored in the browser, which the browser automatically sends along with every request to that site). So any malicious link that's clicked would have real consequences.

Say the HTML source of a compromised or phishing site contains a link like this:

Click <a target="_blank" href="http://BusinessSite.com/admin/tools.aspx?action=deleteUser&userID=7&bypassConfirm=true">here</a> to win.

When the user clicks the link, pow! The user with ID 7 has been deleted, with no confirmation. See how detrimental CSRF (also written XSRF) attacks can be to data, people, and business processes?
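To make the scenario concrete, here is an added example (not code from the original post) that simulates the BusinessSite.com admin endpoint two ways: a handler that mirrors the vulnerable tools.aspx behaviour (state change on a GET, authenticated by nothing but the session cookie) and a hardened handler that requires POST, checks an anti-CSRF token that a foreign page cannot read, and rejects a mismatched Origin header. The session id, the token, the user table and the phishing origin are all constructed for the example.

```python
"""CSRF demonstration: a forged cross-site request against a vulnerable
handler, and the same request rejected by a hardened handler.

Added example, not code from the original post. Session id, users, the
anti-CSRF token and the phishing origin are constructed for illustration.
"""
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed server-side state: one logged-in admin session.
SESSIONS = {"sess-abc123": {"user": "admin", "csrf_token": secrets.token_hex(16)}}


@dataclass
class Request:
    method: str
    path: str
    params: dict                      # query string or form fields
    cookies: dict = field(default_factory=dict)
    headers: dict = field(default_factory=dict)


def fresh_users():
    """A fresh copy of the user table so each scenario starts clean."""
    return {7: "alice", 8: "bob"}


def vulnerable_delete_user(req, users):
    """Mirrors tools.aspx?action=deleteUser&userID=7&bypassConfirm=true:
    a state change on GET, authenticated only by the session cookie, which
    the browser attaches to any request to this origin, including one
    triggered by a link or <img> on a phishing page."""
    sess = SESSIONS.get(req.cookies.get("session"))
    if sess is None:
        return 401, "not logged in"
    if req.params.get("action") == "deleteUser":
        users.pop(int(req.params["userID"]), None)
        return 200, "deleted"
    return 400, "bad request"


def hardened_delete_user(req, users, site_origin="https://businesssite.com"):
    """Same action with three independent defences: no state change on GET,
    an Origin check, and a per-session anti-CSRF token. A browser may omit
    Origin on a plain link click, so the token check is the one that must
    never be skipped."""
    sess = SESSIONS.get(req.cookies.get("session"))
    if sess is None:
        return 401, "not logged in"
    if req.method != "POST":
        return 405, "state-changing actions require POST"
    origin = req.headers.get("Origin")
    if origin is not None and origin != site_origin:
        return 403, "cross-origin request rejected"
    token = req.params.get("csrf_token", "")
    if not hmac.compare_digest(token, sess["csrf_token"]):
        return 403, "missing or invalid CSRF token"
    if req.params.get("action") == "deleteUser":
        users.pop(int(req.params["userID"]), None)
        return 200, "deleted"
    return 400, "bad request"


def forged_request(method="GET"):
    """What the victim's browser sends when it follows the phishing link:
    the session cookie is attached automatically, Origin is the phishing
    site, and there is no token because the attacker's page cannot read it."""
    return Request(method, "/admin/tools.aspx",
                   {"action": "deleteUser", "userID": "7", "bypassConfirm": "true"},
                   cookies={"session": "sess-abc123"},
                   headers={"Origin": "https://phishing.example"})


def legitimate_request():
    """A genuine form submission from BusinessSite.com's own admin page,
    which embeds the session's token as a hidden field."""
    token = SESSIONS["sess-abc123"]["csrf_token"]
    return Request("POST", "/admin/tools.aspx",
                   {"action": "deleteUser", "userID": "7", "csrf_token": token},
                   cookies={"session": "sess-abc123"},
                   headers={"Origin": "https://businesssite.com"})


def run_scenarios():
    """Returns {scenario: (HTTP status, user 7 still exists)}."""
    results = {}
    users = fresh_users()
    results["vulnerable_forged"] = (vulnerable_delete_user(forged_request(), users)[0], 7 in users)
    users = fresh_users()
    results["hardened_forged_get"] = (hardened_delete_user(forged_request(), users)[0], 7 in users)
    users = fresh_users()
    results["hardened_forged_post"] = (hardened_delete_user(forged_request("POST"), users)[0], 7 in users)
    users = fresh_users()
    results["hardened_legitimate"] = (hardened_delete_user(legitimate_request(), users)[0], 7 in users)
    return results


if __name__ == "__main__":
    for name, (status, still_exists) in run_scenarios().items():
        print(f"{name:22s} status={status} user7_exists={still_exists}")
```

Running it shows the vulnerable handler deleting user 7 from a bare GET carrying only the cookie, while the hardened handler refuses the forged GET (405), refuses a forged POST from the phishing origin (403), and accepts only the site's own form that carries the token. In a real deployment the token check is the core defence; marking the session cookie SameSite=Lax or Strict stops the browser from attaching it to cross-site requests in the first place, and the Origin check is a cheap extra layer.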
