ORSYS le mag 2025 logo

The training and skills medium

Home > Cybersecurity glossary > CSRF πŸ”΄ Attack

CSRF πŸ”΄ Attack

CSRF attack (or Cross-Site Request Forgery) is a malicious technique in which an attacker incites a user to execute, without his knowledgeunwanted actions on a web application to which it is attached. already authenticated. The aim is to diverting trust that the application grants to the user, by exploiting the cookies or identifiers stored in the browser.

  • CATEGORY : 🔴 Computer attack
  • FREQUENCY : 🔥🔥🔥
  • DANGEROUS : πŸ’€πŸ’€πŸ’€
  • DIFFICULTY OF ERADICATION : 🧹🧹🧹

 

Google - Noto Color Emoji 15.0 (Animated)How it works

 

  1. Typical scenario :
    • The user is connected to a site (e.g. online banking, social networking).
    • They visit a malicious site or click on a booby-trapped link.
    • This link triggers an HTTP request to the target application, by using the user's session cookies.
    • The application treats the request as legitimate, because it comes from an authenticated browser.
  2. A concrete example : 
    
<form action="https://banque.com/transfer" method="POST">
  <input type="hidden" name="amount" value="1000">
  <input type="hidden" name="account" value="ATTACKER_ACCOUNT">
</form>
<script>document.forms[0].submit();</script>

    If the user is connected to bank.comrequest transfers €1,000 without her consent

 

πŸ“Œ Necessary conditions

 

  • Cookie authentication the application uses cookies to manage sessions
  • No CSRF protection no random tokens (CSRF token) is not required to validate sensitive requests
  • Predictive queries the parameters of the action (e.g. URL, form fields) can be guessed

 

🎯 Possible actions via CSRF

 

  • Changing passwords or e-mail addresses
  • Publication of undesirable content (e.g. social networks)
  • Bank transfers, unauthorised purchases
  • Deleting accounts or data

 

πŸ›‘οΈ Protection methods

 

  1. CSRF Tokens :
    • Generate a unique, random token for each form or request.
    • The server checks this token before executing the action.
  2. SameSite Cookies :
    • Define the SameSite=Strict or Lax to prevent cookies being sent in cross-site requests.
  3. Checking the Referer/Origin :
    • Check that the request comes from the same domain as the application.
  4. User recognition :
    • Request a password or 2FA for critical actions.

 

πŸ” Example

 

  • In 2018, a vulnerability CSRF was found in Drupalallowing attackers to modify administrative settings.

⚠️ Difference between CSRF and XSS

 

  • CSRF : exploits a site's trust in the user.
  • XSS exploits a user's trust in a site (injection malicious code).

πŸ“Š Statistics

 

  • OWASP Ranked in the Top 10 web risks until 2017, less frequent today thanks to modern protection.
  • Bug Bounty Premiums for CSRF vulnerabilities vary between 500 and €5,000  according to criticality.
Back to Glossary

field of training

ο€­

Cybersecurity

associated training



Systems and network security, level 1



Hacking and security, level 1



Information systems security, summary

BEST

Towards the ORSYS Cyber Academy: a free space dedicated to cybersecurity