- Cross-site request forgery (CSRF) attacks exploit web page vulnerabilities that allow an attacker to force an unsuspecting user’s browser to send malicious requests, which they did not intend to send
- The user (the victim) holds an active session with a trusted site and simultaneously visits a malicious site, which injects an HTTP request to the trusted site into the victim's session, compromising its integrity
- The victim logs into the trusted site, which creates a new session
- The browser stores the session identifier for that session in a cookie
- The victim visits a malicious site
- The malicious site sends a request to the trusted site from the victim's browser, which automatically attaches the session cookie
CSRF means making the browser send requests to a target website without the user's knowledge in order to carry out an attack. It usually refers to the situation where the user has already logged in to the target site and the attacker makes requests using the victim's identity.
Although CSRF resembles session hijacking, the difference is that in CSRF the attacker never actually controls the session (for example by obtaining the session token); it only exploits the browser's behaviour of automatically sending the user's identity information (such as the session token), so that the request it triggers is made under the victim's identity.
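The point above, that the browser attaches the session cookie automatically, is exactly what the server side has to compensate for. The following is an added example (not code from the original notes, and not any real framework's API): a hypothetical "transfer" endpoint with an in-memory session store, first authorising on the session cookie alone and then with two independent CSRF checks, a per-session synchronizer token that a cross-site page cannot read, and an exact Origin/Referer comparison against an assumed trusted origin `https://bank.example`. `simulate()` replays the four steps of the scenario against both handlers.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Constructed in-memory session store and trusted-site origin (assumptions for
# this example; not any real framework's API).
SESSIONS: dict[str, dict] = {}
TRUSTED_ORIGIN = "https://bank.example"


def create_session(user: str = "alice") -> str:
    """Step 1 and 2: the victim logs in. The site creates a session whose id
    goes into a cookie, plus a per-session CSRF token that is only ever
    embedded in the site's own pages (never placed in a cookie)."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_urlsafe(32), "balance": 100}
    return sid


@dataclass
class Request:
    """Minimal model of what the server sees for one HTTP request."""
    cookies: dict = field(default_factory=dict)
    headers: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)


def _same_origin(value: str) -> bool:
    """Compare scheme and host of an Origin/Referer value with the trusted site
    exactly (a prefix check would accept https://bank.example.evil.example)."""
    parts, trusted = urlsplit(value), urlsplit(TRUSTED_ORIGIN)
    return (parts.scheme, parts.netloc) == (trusted.scheme, trusted.netloc)


def transfer_vulnerable(req: Request) -> str:
    """Authorises on the session cookie alone, so any request the browser sends
    with that cookie is honoured, including one a malicious page triggered."""
    sess = SESSIONS.get(req.cookies.get("sid", ""))
    if sess is None:
        return "401 not logged in"
    sess["balance"] -= int(req.form["amount"])
    return "200 transferred"


def transfer_protected(req: Request) -> str:
    """Same endpoint with two independent CSRF checks."""
    sess = SESSIONS.get(req.cookies.get("sid", ""))
    if sess is None:
        return "401 not logged in"
    # Check 1: synchronizer token. A page on another origin cannot read it, so
    # it cannot include it. Constant-time compare avoids a timing side channel.
    if not hmac.compare_digest(req.form.get("csrf_token", ""), sess["csrf"]):
        return "403 csrf token missing or invalid"
    # Check 2: the browser sets Origin (or Referer) itself; script on another
    # site cannot overwrite it, so anything but the trusted site is rejected.
    source = req.headers.get("Origin") or req.headers.get("Referer", "")
    if not _same_origin(source):
        return "403 cross-site request"
    sess["balance"] -= int(req.form["amount"])
    return "200 transferred"


def simulate() -> dict:
    """Replay the scenario from the notes against both handlers."""
    sid = create_session()
    # Step 3 and 4: the malicious page auto-submits a form. The browser attaches
    # the cookie, but the page has no token and the browser stamps its origin.
    forged = Request({"sid": sid}, {"Origin": "https://evil.example"}, {"amount": "50"})
    # A form rendered by the trusted site's own page carries the token.
    legit = Request({"sid": sid}, {"Origin": TRUSTED_ORIGIN},
                    {"amount": "10", "csrf_token": SESSIONS[sid]["csrf"]})
    return {
        "vulnerable_forged": transfer_vulnerable(forged),
        "balance_after_vulnerable": SESSIONS[sid]["balance"],
        "protected_forged": transfer_protected(forged),
        "protected_legit": transfer_protected(legit),
        "balance_after_protected": SESSIONS[sid]["balance"],
    }


if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name}: {value}")
```

The two checks are deliberately independent: the token covers browsers that send no Origin/Referer, and the origin check covers a token that leaked through some other bug. In a real deployment a `SameSite` attribute on the session cookie is a useful third, browser-side layer, but it does not replace the server-side checks.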
Reference URL