
Project: WASC Threat Classification

Threat Type: Attack

Reference ID: WASC-9

 

Cross-Site Request Forgery

A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) [9] exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.

 

CSRF attacks are effective in a number of situations, including:

  • The victim has an active session on the target site.
  • The victim is authenticated via HTTP auth on the target site.
  • The victim is on the same local network as the target site.

 

CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered [5] to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.

 

Example

In order to forge an HTTP request, an attacker typically profiles the target site first, either by reviewing the HTML source or by inspecting the HTTP traffic. This helps the attacker determine the format of a legitimate request; the forged request is meant to mimic a legitimate request as closely as possible.

Consider a web site that allows users to configure their web-based email account to forward all incoming email to an alternative address:

Email:


 

An attacker can deduce from viewing this HTML source or by using this form that a legitimate request will have a format similar to the following:

POST /account/edit HTTP/1.1
Host: example.org
Content-Type: application/x-www-form-urlencoded
Content-Length: 19
Cookie: PHPSESSID=1234

chris%40example.tld

 

If an attacker could forge such a request from another user, it's possible that the attacker could begin receiving all of the victim's email. A popular technique is to use JavaScript to submit a form that consists of hidden fields. If the target of the form is a hidden IFrame, the response is hidden from view. The following example demonstrates this:

 




 

This malicious payload can be hosted on another web site the victim visits, or on the same site. Popular approaches for deploying malicious payloads include banner ads, cross-site scripting flaws, and other means.

If the intent is to forge a GET request, a popular technique is to use an embedded resource such as an image as the malicious payload:

 
               
 

The key to understanding CSRF is to realize that only the request matters, and there are a variety of techniques that can be used to forge requests.
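
An added example (not part of the original WASC text): the page's POST /account/edit request handled two ways, first authorising on the PHPSESSID cookie alone and then also requiring a per-session token, so the request is no longer predictable from the form. The field names email and csrf_token, the handler names and the in-memory session store are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # per-deployment secret (constructed)
# Constructed session store; "1234" is the PHPSESSID from the page's request.
SESSIONS = {"1234": {"user": "victim", "forward_to": None}}

def csrf_token(session_id: str) -> str:
    """Unpredictable per-session value embedded only in the site's own form."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def edit_account_vulnerable(cookies: dict, form: dict) -> int:
    """Authorises on the cookie alone, which the browser attaches to any request."""
    session = SESSIONS.get(cookies.get("PHPSESSID", ""))
    if session is None:
        return 401
    session["forward_to"] = form.get("email")
    return 200

def edit_account_hardened(cookies: dict, form: dict) -> int:
    """Same action, but the request must also carry the per-session token."""
    sid = cookies.get("PHPSESSID", "")
    session = SESSIONS.get(sid)
    if session is None:
        return 401
    supplied = str(form.get("csrf_token", ""))
    # Compare as bytes in constant time; bytes also tolerate non-ASCII input.
    if not hmac.compare_digest(supplied.encode(), csrf_token(sid).encode()):
        return 403
    session["forward_to"] = form.get("email")
    return 200

def demo() -> dict:
    cookies = {"PHPSESSID": "1234"}          # sent automatically by the browser
    forged = {"email": "chris@example.tld"}  # every value is known in advance
    legit = {"email": "victim-alt@example.org", "csrf_token": csrf_token("1234")}
    results = {"vulnerable_forged": edit_account_vulnerable(cookies, forged)}
    SESSIONS["1234"]["forward_to"] = None    # reset before the hardened run
    results["hardened_forged"] = edit_account_hardened(cookies, forged)
    results["forward_after_forged"] = SESSIONS["1234"]["forward_to"]
    results["hardened_legit"] = edit_account_hardened(cookies, legit)
    results["forward_after_legit"] = SESSIONS["1234"]["forward_to"]
    return results

if __name__ == "__main__":
    print(demo())
```

The first handler cannot tell the forged request from a legitimate one because both carry the same cookie and the same predictable fields; the second rejects the forged request with 403 and leaves the forwarding address unchanged.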

 

Public Incidents

Digg Exploit, 06 Jun 2006, Anonymous,

http://4diggers.blogspot.com/

 

Google Mail Exploit, 01 Jan 2007, Alex Bailey,

http://cyber-knowledge.net/blog/2007/01/01/gmail-vulnerable-to-contact-list-hijacking/

 

Amazon Exploit, 15 Mar 2007, Chris Shiflett,

http://shiflett.org/blog/2007/mar/my-amazon-anniversary

 

 

References

"Cross Site Reference Forgery: An introduction to a common web application weakness"

[1] http://www.isecpartners.com/documents/XSRF_Paper.pdf

 

"Cross-Site Request Forgeries", Peter Watkins

[2] http://tux.org/~peterw/csrf.txt

 


"Security Corner: Cross-Site Request Forgeries", Chris Shiflett

[3]

 

"The Cross-Site Request Forgery FAQ", Robert Auger

[4]

 

"JavaScript Hijacking", Brian Chess, et al.

[5]

 

"Cross-Site Request Forgery: Looking at Devices", Daniel Weber

[6] http://labs.calyptix.com/csrf-tracking.php

 

"Cross-Site Request Forgery (CSRF)", Web Hacking Incidents Database

[7] http://webappsec.org/projects/whid/byclass_class_attack_method_value_cross_site_request_forgery_(csrf).shtml

 

"Cross-Site Request Forgeries: Exploitation and Prevention", William Zeller and Edward Felten

[8] http://freedom-to-tinker.com/sites/default/files/csrf.pdf

 

Cross-Site Scripting Section

[9]

 

"Cross-Site Request Forgery", Wikipedia

[10] http://en.wikipedia.org/wiki/Cross-site_request_forgery


Cross-Site Request Forgery (CSRF)

[11] http://cwe.mitre.org/data/definitions/352.html
