Cross-Site Request Forgery (CSRF) is an attack that tricks a victim's browser into sending an unwanted request to a web application where the victim is authenticated. Because the browser automatically includes cookies with every request to the site, the application cannot distinguish between a legitimate request and a forged one.
CSRF exploits the trust a web application places in the user's browser. If a user is logged into their bank and visits a malicious page, that page can trigger a request to the bank — and the browser will include the user's session cookie automatically.
1. Victim logs into https://bank.com (session cookie set)
2. Victim visits https://evil.com (while still logged into bank)
3. evil.com contains: <img src="https://bank.com/transfer?to=attacker&amount=10000">
4. Victim's browser sends the request to bank.com WITH the session cookie
5. bank.com processes the transfer because the session is valid
The simplest form — an image tag or link triggers the request:
<!-- Hidden on the attacker's page -->
<img src="https://bank.com/transfer?to=attacker&amount=5000" width="0" height="0">