CSRF Protection using Synchronizer Tokens
What is cross site request forgery?
Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request.
There are two common ways to defend against CSRF:
1. Synchronizer Tokens
2. Double submitted cookies
Here we consider Synchronizer Tokens. When the user logs in, a random token is generated and stored on both the client side and the server side. An attacker crafting a forged request does not know the token value, so he cannot build a request that carries the correct token. Even if the victim clicks the attacker's link, the request is harmless, because the token verification on the server fails.
For the first step we create the session on the client side (index.php). Then we create a cookie and store the session id in it, as shown in the figure below.
When this code runs, a cookie is created that contains the current user's session id.
Next, we generate a CSRF token on the server side (server.php).
Now the client page should request the CSRF token from the server when it is loaded. Using Ajax we can send this request in the background. So we create a file called 'config.js' and define a function there. This function sends a request to the server, grabs the CSRF token from the response and stores it in a hidden DOM field on the client side when the page loads.
Then we call this function from index.php.
When the user enters the username and password, the two credentials are validated together with the token to check whether this is a valid user and a genuine request.
Get the full code from here