In this post I’ll show you a cross-site request forgery (CSRF) example. I’ve created a web application that simulates a money-transfer app and is vulnerable to a CSRF attack, so you can try the example on a live website.
What is CSRF?
Cross-site request forgery works by exploiting the trust that a site has for the user. Site tasks are usually linked to specific URLs
(example: http://hackspc.com/sellpage?money=1000&count=145689782562), allowing specific actions to be performed when requested. If a user is logged into the site and an attacker tricks their browser into making a request to one of these task URLs, the site carries out the action as that user, because the browser attaches the user’s session cookie automatically. Typically an attacker will embed malicious HTML or
Let’s say that a user with the username „hackspc.com“ visits a web application for money transfers and logs in with username: hackspc.com and password: 12345. You can find that web application at http://websecurityexamples.com/CSRF/
In our web application the user has the option to send money to other accounts.
If you log in with username hackspc.com, type 100 into the field Amount and 124578326598 into the field Send money to, you will transfer 100 to bank account 124578326598.
Below is an image that shows the bank status after transferring 100 from user hackspc.com to bank account 124578326598.
Pay attention to the field “Amount”. You’ll see that the amount of the user with username “hackspc.com” decreased by 100, while that of the user with username “Hacker” increased by 100.
That is the simplest principle of how a bank application works.
Let’s say that the user with username Hacker publishes on a forum an image with a malicious IMG tag. The SRC attribute of the malicious image is a GET request that executes the command for transferring money.
So, how does a CSRF attack work? Let’s say that user hackspc.com, while still logged in to the money-transfer web application, visits a forum called „hackers_xxxxx“.
The web client of user hackspc.com will load the image, which means issuing the GET request embedded in its SRC. The web client is fooled because user hackspc.com is logged in while visiting the forum „hackers_xxxxx“, so the browser attaches the session cookie and sends a GET request that transfers 1000 from user hackspc.com to bank account 124578326598
to the money-transfer web application.
malicious image :
A normal IMG tag has a SRC attribute that points to the location where the image is stored. It looks as shown below:
You can download the complete money-transfer web application that is vulnerable to CSRF attack at this LINK
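The flow described above (a forum image whose SRC is the bank’s transfer URL, loaded by a browser that still holds the victim’s session cookie) is easiest to see on the server side. The following is an added example, not the code of the application at websecurityexamples.com: a small in-memory model of the transfer endpoint with the vulnerable handler next to a hardened one. The account names and the forged request values follow the post’s walkthrough; the session id, the `Request` class, the server secret and the trusted origin are constructed for the example and are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed sample state (not the page's application code): balances keyed
# by account name, and the mapping from session cookie to the logged-in user.
def make_bank():
    return {"hackspc.com": 1000, "124578326598": 0}

SESSIONS = {"sess-hackspc": "hackspc.com"}      # assumed session cookie value
SERVER_SECRET = secrets.token_bytes(32)          # kept server-side, never sent
TRUSTED_ORIGIN = "http://websecurityexamples.com"  # the bank's own origin


class Request:
    """Minimal model of an incoming HTTP request (assumption for the example)."""
    def __init__(self, method, params, cookies, origin=None):
        self.method = method      # "GET" or "POST"
        self.params = params      # query string or form fields
        self.cookies = cookies    # attached by the browser on every request
        self.origin = origin      # Origin header, None when the browser omits it


def logged_in_user(req):
    return SESSIONS.get(req.cookies.get("session"))


def do_transfer(bank, sender, to, amount):
    if amount <= 0 or bank.get(sender, 0) < amount or to not in bank:
        return "rejected: invalid transfer"
    bank[sender] -= amount
    bank[to] += amount
    return "ok"


def transfer_vulnerable(req, bank):
    """The pattern the post describes: any request carrying the session cookie
    is trusted, so a GET triggered by an <img src=...> on another site moves
    the money."""
    user = logged_in_user(req)
    if user is None:
        return "rejected: not logged in"
    return do_transfer(bank, user, req.params["to"], int(req.params["amount"]))


def csrf_token_for(session_id):
    """Synchronizer token derived from the session id with a server secret; a
    page on another origin can neither read nor compute it."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def transfer_hardened(req, bank):
    """Same action with the checks a CSRF defence needs: state changes only on
    POST, the Origin header must match when present, and the per-session token
    rendered into the bank's own form must be supplied."""
    user = logged_in_user(req)
    if user is None:
        return "rejected: not logged in"
    if req.method != "POST":
        return "rejected: state change requires POST"
    if req.origin is not None and req.origin != TRUSTED_ORIGIN:
        return "rejected: cross-origin request"
    expected = csrf_token_for(req.cookies["session"])
    supplied = req.params.get("csrf_token", "")
    if not hmac.compare_digest(expected, supplied):
        return "rejected: missing or invalid CSRF token"
    return do_transfer(bank, user, req.params["to"], int(req.params["amount"]))


# Constructed forged request: what the victim's browser sends when it loads the
# forum image whose SRC is the transfer URL. Browsers omit Origin on an image
# GET, so the method and token checks are what stop it.
FORGED = Request("GET", {"amount": "1000", "to": "124578326598"},
                 {"session": "sess-hackspc"}, origin=None)


def forged_request_outcome():
    """Run the forged request against both handlers. Returns (vulnerable result,
    hardened result, victim balance after vulnerable, victim balance after hardened)."""
    bank_v, bank_h = make_bank(), make_bank()
    return (transfer_vulnerable(FORGED, bank_v), transfer_hardened(FORGED, bank_h),
            bank_v["hackspc.com"], bank_h["hackspc.com"])


def legitimate_request_outcome():
    """A form submitted from the bank's own page with the token it rendered."""
    bank = make_bank()
    req = Request("POST", {"amount": "100", "to": "124578326598",
                           "csrf_token": csrf_token_for("sess-hackspc")},
                  {"session": "sess-hackspc"}, origin=TRUSTED_ORIGIN)
    return transfer_hardened(req, bank), bank["hackspc.com"], bank["124578326598"]


if __name__ == "__main__":
    print(forged_request_outcome())
    print(legitimate_request_outcome())
```

Running it shows the vulnerable handler draining the 1000 on the forged GET while the hardened handler rejects the same request and leaves the balance untouched; the legitimate POST carrying the session-bound token still goes through. Marking the session cookie `SameSite=Lax` or `Strict` adds a browser-side layer, but the token check is what makes the endpoint safe regardless of cookie behaviour.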