- Introduction
- Use of HTTP Cookies
- How Cookies are Created
- Use of HTTP Authentication
- What is Cross-Site Request
- Steps in CSRF Attack
- Recommendation for Protection
1. Introduction
- Use of HTTP Cookies
- Use of HTTP Authentication Credentials (Authentication Tokens)
2. Use of HTTP Cookies
3. How Cookies are Created
However, when a website sends a cookie to a browser, the website also provides an ‘expires’ attribute together with other attributes. The expires attribute indicates the validity period of the cookie, after which the cookie is deleted. If the expires attribute is absent, the cookie is known as a session cookie and is normally deleted when the user closes the browser window. Cookies that come with an expires field are known as ‘persistent cookies’.
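To make the session-versus-persistent distinction concrete, the following added example (not code from the original article) parses a Set-Cookie header and reports whether the cookie is persistent and when it expires. It goes slightly beyond the text by also handling the Max-Age attribute, which browsers prefer over Expires when both are present (RFC 6265), and a Max-Age of 0, which servers use to delete a cookie. The sample headers and the fixed "now" timestamp are constructed for the demonstration.

```python
import re
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime
from typing import Optional

# Constructed sample Set-Cookie values (not taken from any real site).
SESSION_COOKIE = "sid=abc123; Path=/; HttpOnly; Secure"
PERSISTENT_COOKIE = "prefs=dark; Expires=Wed, 09 Jun 2021 10:18:14 GMT; Path=/"
MAX_AGE_COOKIE = "token=xyz; Max-Age=3600; Secure; SameSite=Lax"
DELETE_COOKIE = "sid=; Max-Age=0"


def parse_set_cookie(header: str) -> dict:
    """Split one Set-Cookie header into name, value and a lower-cased attribute map.

    Boolean flags such as HttpOnly and Secure are stored with an empty value.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for attr in parts[1:]:
        if not attr:
            continue
        key, _, val = attr.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}


def cookie_lifetime(header: str, now: Optional[datetime] = None) -> dict:
    """Decide whether a cookie is a session cookie or a persistent one.

    Rules (RFC 6265 section 5.3): a numeric Max-Age wins over Expires; if
    neither is usable the cookie lives only for the browser session. An
    Expires in the past or a Max-Age <= 0 means the cookie is already expired
    and is removed rather than stored.
    """
    now = now or datetime.now(timezone.utc)
    cookie = parse_set_cookie(header)
    attrs = cookie["attrs"]
    expires = None
    if "max-age" in attrs and re.fullmatch(r"-?\d+", attrs["max-age"]):
        expires = now + timedelta(seconds=int(attrs["max-age"]))
    elif "expires" in attrs:
        try:
            expires = parsedate_to_datetime(attrs["expires"])
        except (TypeError, ValueError):
            expires = None  # unparseable date: treated as a session cookie
    if expires is not None and expires.tzinfo is None:
        expires = expires.replace(tzinfo=timezone.utc)
    return {
        "name": cookie["name"],
        "persistent": expires is not None,
        "expires": expires,
        "expired": expires is not None and expires <= now,
    }


if __name__ == "__main__":
    for header in (SESSION_COOKIE, PERSISTENT_COOKIE, MAX_AGE_COOKIE, DELETE_COOKIE):
        print(header, "->", cookie_lifetime(header))
```

A session cookie carrying a login identity is exactly the kind of credential the browser re-attaches automatically on later requests, which is why its lifetime matters for the attack described later on this page.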
4. Use of HTTP Authentication
This is a somewhat more secure mechanism used in intranet environments and does not make use of cookies. In this case, when a site is visited by a user, a popup is displayed that requests the user's credentials. After the user submits the data, the credentials are encrypted and sent to the server in what is known as the Authorization request header.
When the user later visits other web pages in the same intranet, the browser automatically sends the credentials along with the request in the Authorization header.
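The exchange above, as an added example that is not part of the original article: one function builds the Authorization header the way a browser does for HTTP Basic authentication, and a second parses and verifies it on the server side. Note that the Basic scheme base64-encodes the credentials rather than encrypting them, so confidentiality depends on TLS; the server side therefore stores only salted PBKDF2 hashes and compares them in constant time. The user database, salt and passwords are constructed for the demonstration.

```python
import base64
import hashlib
import hmac
from typing import Optional, Tuple


def _hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256; never store the plaintext password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


# Constructed credential store: username -> (salt, password hash).
# A real deployment would use a random per-user salt; a fixed one keeps the demo reproducible.
_DEMO_SALT = b"constructed-demo-salt"
USERS = {"alice": (_DEMO_SALT, _hash_password("correct horse", _DEMO_SALT))}


def build_basic_authorization(username: str, password: str) -> str:
    """What the browser sends after the credential popup: 'Basic ' + base64('user:pass')."""
    token = base64.b64encode(f"{username}:{password}".encode("utf-8")).decode("ascii")
    return f"Basic {token}"


def parse_basic_authorization(header: str) -> Optional[Tuple[str, str]]:
    """Decode an Authorization header; return (user, password) or None if it is malformed."""
    scheme, _, token = header.strip().partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):  # binascii.Error is a ValueError
        return None
    if ":" not in decoded:
        return None
    user, _, password = decoded.partition(":")  # only the first ':' separates the fields
    return user, password


def authenticate(header: str) -> bool:
    """Server-side check of the Authorization header against the credential store."""
    creds = parse_basic_authorization(header)
    if creds is None:
        return False
    user, password = creds
    record = USERS.get(user)
    if record is None:
        _hash_password(password, _DEMO_SALT)  # burn the same time so unknown users are not revealed by timing
        return False
    salt, expected = record
    return hmac.compare_digest(_hash_password(password, salt), expected)


if __name__ == "__main__":
    hdr = build_basic_authorization("alice", "correct horse")
    print(hdr)
    print("authenticated:", authenticate(hdr))
```

Because the browser re-sends this header on every later request to the same realm, it behaves like a cookie for the purposes of the cross-site request problem discussed next.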
5. What is Cross-Site Request?
A cross-site request occurs when a page on one site causes the browser to send a request to another site. In this case, an HTTP request sent to site A can also generate an HTTP request to site B. This is typically provided in the form of hyperlinks in the first site.
So when a user clicks a link or button included in a web page, the link may actually be directed at an external website.
6. Steps of CSRF Attack
Generally, a CSRF attack exploits cross-site requests for malicious purposes. This is how it works:
- The user visits his bank's website (mybank.com) and performs a transaction.
- He then visits another website, hacker.com, without logging out of his banking portal.
- Hacker.com creates and submits a request to mybank.com using the user's active session. When the browser sends this request, it attaches the valid authentication cookie to it.
- The mybank.com website interprets this request as coming from the user and processes it.
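The sequence above, simulated in code as an added example that is not part of the original article. An in-memory "bank" keeps a session table and balances; the first transfer handler trusts the session cookie alone, so a request that hacker.com causes the browser to send (with the cookie attached) succeeds. The second handler is the hardened form: it requires a per-session synchronizer token that only pages served by mybank.com can know, and rejects requests whose Origin header names another site. The Request class, the origins and the account names are constructed for the demonstration.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

BANK_ORIGIN = "https://mybank.com"      # the site from the article's scenario
ATTACKER_ORIGIN = "https://hacker.com"  # the site from the article's scenario


@dataclass
class Request:
    """Minimal stand-in for an HTTP request as the bank server would see it."""
    method: str
    origin: Optional[str]       # Origin header; browsers set it on cross-site POSTs
    cookies: Dict[str, str]     # cookies the browser attached automatically
    form: Dict[str, str]        # submitted form fields


class Bank:
    def __init__(self) -> None:
        self.sessions: Dict[str, str] = {}     # session id -> username
        self.csrf_tokens: Dict[str, str] = {}  # session id -> synchronizer token
        self.balances = {"victim": 1000, "attacker": 0}

    def login(self, user: str) -> str:
        """Create a session and a CSRF token bound to it; returns the cookie value."""
        sid = secrets.token_hex(16)
        self.sessions[sid] = user
        self.csrf_tokens[sid] = secrets.token_hex(16)
        return sid

    def csrf_token_for(self, sid: str) -> str:
        """What the bank embeds in its own transfer form (hidden field)."""
        return self.csrf_tokens[sid]

    def transfer_unprotected(self, req: Request) -> int:
        """Vulnerable: the session cookie is the only proof that the user intended this."""
        user = self.sessions.get(req.cookies.get("sid", ""))
        if user is None or req.method != "POST":
            return 401
        return self._do_transfer(user, req.form)

    def transfer_protected(self, req: Request) -> int:
        """Hardened: same endpoint plus an Origin check and a synchronizer token."""
        sid = req.cookies.get("sid", "")
        user = self.sessions.get(sid)
        if user is None or req.method != "POST":
            return 401
        if req.origin is not None and req.origin != BANK_ORIGIN:
            return 403  # request was initiated by another site
        supplied = req.form.get("csrf_token", "")
        if not hmac.compare_digest(self.csrf_tokens[sid], supplied):
            return 403  # a cross-site page cannot read the token, so it cannot supply it
        return self._do_transfer(user, req.form)

    def _do_transfer(self, user: str, form: Dict[str, str]) -> int:
        try:
            amount = int(form["amount"])
            to = form["to"]
        except (KeyError, ValueError):
            return 400
        if amount <= 0 or to not in self.balances or self.balances[user] < amount:
            return 400
        self.balances[user] -= amount
        self.balances[to] += amount
        return 200


def simulate() -> Dict[str, int]:
    """Run the article's scenario against both handlers and report the outcomes."""
    bank = Bank()
    sid = bank.login("victim")  # step 1: user logs in to mybank.com
    # steps 2-3: a page on hacker.com makes the browser POST to the bank; the
    # browser attaches the session cookie, but the page cannot see the CSRF token.
    forged = Request("POST", ATTACKER_ORIGIN, {"sid": sid}, {"to": "attacker", "amount": "500"})
    unprotected_status = bank.transfer_unprotected(forged)   # step 4: accepted
    protected_status = bank.transfer_protected(forged)       # rejected
    # A genuine transfer from the bank's own form carries the token and passes.
    legit = Request("POST", BANK_ORIGIN, {"sid": sid},
                    {"to": "attacker", "amount": "100", "csrf_token": bank.csrf_token_for(sid)})
    legit_status = bank.transfer_protected(legit)
    return {
        "unprotected_forged": unprotected_status,
        "protected_forged": protected_status,
        "protected_legit": legit_status,
        "victim_balance": bank.balances["victim"],
    }


if __name__ == "__main__":
    print(simulate())
```

Marking the session cookie SameSite=Lax or Strict adds a third layer: the browser then does not attach the cookie to cross-site POSTs at all, so the forged request arrives without a session and fails at the first check.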
7. Recommendations for Protection
- Always ensure you log out after using a secure application.
- Close the browser window after using a secure application such as your banking website.
- Shut down your system at least every day, as this erases the cookies stored in the system.