Penetration Testing - Cross Site Request Forgery (CSRF)

Captions
Hello everyone. In this video we will talk about cross-site request forgery. Cross-site request forgery is also referred to as CSRF or sea-surf. Before going further, let me give you one example. There is one user who is logged in on a particular website, and an attacker sends that user a malicious link to a malicious website. If that user clicks on that link and opens that malicious website, then that malicious website will make a request to the website on which the user is logged in, on behalf of the user. So here you can see that the malicious website will make a legitimate request to the legitimate website on which the user is authenticated, and the request is triggered as soon as the user clicks on that malicious link. So the session IDs, cookies and tokens are all sent by the user's browser to that legitimate website if the malicious website makes a request.

Now let's see how a CSRF attack works. Let's have a look at a basic CSRF attack. The first thing we have to do is start our OWASP Broken Web Applications, which we usually do all the time, and here you will see that my OWASP Broken Web Applications is up and running. So let me open the OWASP Broken Web Applications in Firefox. This time we have to use this web application, OWASP WebGoat. If I just click over here, it asks us for the username and the password. The username is guest and the password is guest. Click on OK. Here you will see the OWASP WebGoat web application. Let's click over here, Start WebGoat, and on the left-hand side you will see a lot of challenges. Let's go here, Cross-Site Scripting, and here you will find one challenge called Cross-Site Request Forgery, or CSRF. Let me open this challenge.

So what we have to do is assume that we are a normal user, we are an authenticated user, and we are logged in. Now we actually have to create an HTML page, and inside it we have to create an image tag which will be hidden. That image tag will actually point to this URL, and in that image tag we have to pass an additional parameter called transferFunds. So if any user like me, I am an authenticated user here in WebGoat, if an attacker sends me the link to his web page and I just open his web page, then a transfer of 4,000 rupees will be done from my WebGoat account. So this is the challenge. Here you can see: your goal is to send an email to a newsgroup that contains an image whose URL is pointing to a malicious request. Try to include a 1x1 pixel image. The URL should point to the CSRF lesson with an extra parameter called transferFunds. And here you will see that they have given us something to store the value. If I just write here the text "hello this is sample text" and now click on Submit, you will see that this text has been submitted and we can just read its content.

Now let's create an HTML file which will point to that CSRF URL. The height should be one and the width should be one, and the source, let me just copy this URL and paste it over here. What they want is an additional parameter called transferFunds equals 4,000. So here you will see that our HTML web page is ready. Now one more thing: there are different tags in HTML which we can use to trigger the CSRF attack. One is image, because the image tag contains a source and we can point the source to our CSRF web application. We can also use the iframe tag, because the iframe tag also has this source attribute. Then we can also use the script tag, and a few more. So let me just paste it. We just create a file called attack.html, and let me just close this.

Now, as an assumption, what we have to do is lure our victim. As a pen tester, we have to lure our victim to open this file. If our victim opens this file, then the transfer of 4,000 rupees will be done from his account. So if I just open this file, OK. Now let's go here and I'll refresh this page, but before refreshing this page let's do one thing: let's go here to Developer and click over here on Network, and now let's see what network traffic comes in and goes out. Now if I just reload the page, you will see this GET request at the top, and if I just click over here you will see our request. And here you will see a small green tick, which means the funds transfer of 4,000 has been successfully done from the victim's account. If you want to restart this lesson, just click on Restart this Lesson.

So this was the very, very basic CSRF attack, but in the advanced courses we'll cover this topic in much more detail. In this video we have covered what a CSRF attack is and how we can do a CSRF attack with the WebGoat web application. Thanks for watching this video.
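Added example, not part of the video or of WebGoat: a defender-side check that a message board could run on posted HTML to flag the pattern the lesson builds, an `img`, `iframe` or `script` tag whose `src` makes every reader's browser issue a parameterised GET. The host name and the sample post are constructed; `transferFunds` is the parameter name from the lesson.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

# Tags the video names as able to fire a request through their src attribute.
AUTO_LOAD_TAGS = {"img", "iframe", "script"}


class AutoRequestFinder(HTMLParser):
    """Collect src-bearing tags that would send a GET with query parameters."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names; <img .../> lands here too.
        if tag not in AUTO_LOAD_TAGS:
            return
        attr = {name: (value or "") for name, value in attrs}
        src = attr.get("src", "")
        query = urlsplit(src).query
        params = [name for name, _ in parse_qsl(query, keep_blank_values=True)]
        if not params:
            return  # static resource without parameters, nothing to review
        # A 0x0 or 1x1 image is invisible to the reader but still fetched.
        tiny = (tag == "img"
                and attr.get("width") in ("0", "1")
                and attr.get("height") in ("0", "1"))
        self.findings.append(
            {"tag": tag, "src": src, "params": params, "tiny": tiny})


def scan_message(html):
    """Return one finding per auto-loading tag that carries query parameters."""
    finder = AutoRequestFinder()
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample post; webapp.example is a placeholder host.
SAMPLE_POST = (
    "<p>hello this is sample text</p>"
    '<img src="http://webapp.example/lesson?transferFunds=4000" '
    'width="1" height="1" />'
)

if __name__ == "__main__":
    for finding in scan_message(SAMPLE_POST):
        print(finding)
```

A finding is a reason to hold the post for review or strip the tag; it does not replace a per-request anti-CSRF token on the state-changing endpoint itself.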
Info
Channel: Tutorials Point (India) Ltd.
Views: 48,870
Keywords: Web Application Penetration Testing, Testing Security, Testing, Penetration Testing - Cross Site Request Forgery (CSRF), Cross Site Request Forgery
Id: dMwxIHIabeg
Length: 7min 32sec (452 seconds)
Published: Wed Jan 17 2018