According to Wikipedia, a CSRF (sometimes pronounced sea-surf[1]) or XSRF is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts.[2] Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user's browser.
By
Hazem Salama, Senior Member of Technical Staff, Verizon Communications
Well, to put it simply, it is when unauthorized requests are made to a web server pretending to be from some authorized user. Most web developers would check to see whether the request came from an authorized browser (via cookies) but not who initiated the request. Hackers can simply assemble some HTML and convince users to click on it, which will initiate the action from the user's browser, hoping that the user's session is still valid.
The key to this is twofold.
First, never perform a dangerous action via a GET request, like the one mentioned here by Husni Mansour. Any meaningful action should always be via a POST request.
Second, you should send some key value together with the first request and store it both as a cookie and as a hidden form field. Then, when the form is submitted, check both values to make sure they are the same. A hacker can modify your form fields but cannot read/modify your cookies due to the same-origin policy.
It's a type of hacking, by submitting a form or using a link without authorization or with faked authorization.
Suppose you visit a website that uses an iframe with a link to your bank, and the link is for deleting your account there!
It can be avoided by using links that expire after a short time, or a unique id for every form, either as a hidden input or in the link as a GET variable, like link?unique_id=32efewf523523
Suppose you access your bank account from your PC; the bank's web portal has an option to send money to other users via a link like http://bank.com/index.php?action=transfer&amount=100&to=husni
You log in and do your stuff there, then switch tabs to another website that has a fake link in the same form as the one your bank uses.
I guess this is the simplest way to explain this.
CSRF is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated. With a little help from social engineering (like sending a link via email/chat), an attacker may force the users of a web application to execute actions of the attacker's choosing. A successful CSRF exploit can compromise end user data and operations in the case of a normal user. If the targeted end user is the administrator account, this can compromise the entire web application.
Cross-site request forgery (XSRF or CSRF) is a method of attacking a Web site in which an intruder masquerades as a legitimate and trusted user. An XSRF attack can be used to modify firewall settings, post unauthorized data on a forum or conduct fraudulent financial transactions. A compromised user may never know that such an attack has occurred. If the user does find out about an attack, it may only be after the damage has been done and a remedy may be impossible.
http://searchsoftwarequality.techtarget.com/definition/cross-site-request-forgery