What is CSRF?
- Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.
- Specifically, a CSRF attack tricks an authenticated user into submitting a request the application treats as valid, for example by luring the user into clicking a button in an attacker-controlled pop-up.
1. Main Objectives of CSRF Attack
- Use a content management system to add/delete content from a website.
- Transfer money from one bank account to another.
- Add items to a user’s shopping basket.
- Change the delivery address of an order.
2. Impact of CSRF Attack
- User account can be compromised
- Leakage of sensitive data
- Loss of Organization Reputation
- Loss of Client Trust
3. Disclosure of Token in URL
- CSRF tokens sent in GET requests (i.e. in the URL) are potentially leaked in several places:
- Browser history
- Log files
- Network appliances
4. Remediation Action on CSRF Attack
- Implement an anti-CSRF token on every page of the web application
- Unique for every user session
- Large random value
- The CSRF token can be sent in a hidden form field OR in a request header
- Make sure that the token is not leaked in the server logs, or in the URL.
- Server must reject the requested action if the CSRF token fails validation.
- The token must expire (e.g. after 10 minutes per session; the lifetime may differ depending on the application type)
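The remediation points above (per-session token, large random value, delivery via hidden field or header, rejection on validation failure, expiry) and the URL-leak concern from section 3, worked through in one place. This is an added example written for these notes, not code from any framework; the request/session dictionaries and the 10-minute lifetime are assumptions for the demonstration.

```python
import hmac
import html
import secrets
import time

# Assumed policy values for this example.
TOKEN_TTL_SECONDS = 600                       # 10-minute lifetime, as the notes suggest
TOKEN_BYTES = 32                              # 256 bits of randomness per token
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def issue_csrf_token(session, now=None):
    """Mint a fresh token, bind it to this server-side session, and record when it was issued."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(TOKEN_BYTES)  # CSPRNG: large, unpredictable value
    session["csrf_token"] = token
    session["csrf_issued_at"] = now
    return token


def current_or_new_token(session, now=None, ttl=TOKEN_TTL_SECONDS):
    """Reuse the session's token while it is fresh; mint a new one once it has expired."""
    now = time.time() if now is None else now
    issued_at = session.get("csrf_issued_at")
    if session.get("csrf_token") and issued_at is not None and now - issued_at <= ttl:
        return session["csrf_token"]
    return issue_csrf_token(session, now)


def hidden_field(token):
    """Render the token as a hidden form field so it travels in the POST body, never in a URL."""
    return f'<input type="hidden" name="csrf_token" value="{html.escape(token)}">'


def submitted_token(request):
    """Read the token from the form body or a request header only.

    A token in the query string is deliberately ignored: anything in the URL ends up
    in browser history, server logs and network appliances, so it is never accepted.
    """
    form = request.get("form") or {}
    headers = request.get("headers") or {}
    return form.get("csrf_token") or headers.get("X-CSRF-Token")


def validate_csrf_token(session, submitted, now=None, ttl=TOKEN_TTL_SECONDS):
    """True only if the submitted token equals this session's unexpired token."""
    now = time.time() if now is None else now
    expected = session.get("csrf_token")
    issued_at = session.get("csrf_issued_at")
    if not expected or issued_at is None or not isinstance(submitted, str) or not submitted:
        return False
    if now - issued_at > ttl:                 # expired: the user has to reload the form
        return False
    # Constant-time compare so response timing does not reveal how many bytes matched.
    return hmac.compare_digest(expected.encode("utf-8"), submitted.encode("utf-8"))


def handle_request(session, request, now=None):
    """Tiny dispatcher: a GET renders the form with its token, any state-changing
    request is rejected with 403 unless its token validates."""
    method = request["method"].upper()
    if method in STATE_CHANGING:
        if not validate_csrf_token(session, submitted_token(request), now):
            return 403, "CSRF token missing, expired or invalid"
        return 200, "action performed"
    token = current_or_new_token(session, now)
    return 200, '<form method="post">' + hidden_field(token) + "</form>"


if __name__ == "__main__":
    # Constructed walk-through: legitimate form submission versus a forged cross-site POST.
    session = {}
    status, page = handle_request(session, {"method": "GET"}, now=1000.0)
    print(status, page)
    token = session["csrf_token"]
    print(handle_request(session, {"method": "POST", "form": {"csrf_token": token}}, now=1100.0))
    print(handle_request(session, {"method": "POST", "form": {}}, now=1100.0))             # forged
    print(handle_request(session, {"method": "POST", "form": {"csrf_token": token}}, now=1601.0))  # expired
```

Because the token is looked up in the server-side session, a forged request from another origin carries the victim's session cookie but cannot carry the token, so it fails the check; the expiry and constant-time comparison cover the last two remediation points.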