Shulou(Shulou.com)06/01 Report--

This article mainly explains "what is CSRF". The content of the explanation is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "what is CSRF".

What is CSRF?

As I just said, the full name is exaggerated request forgery, which is obviously a knowledge point related to security, which means that an attacker forges a request from a user's browser and sends it to a website that the user has authenticated to visit, causing the target website to receive and mistakenly think that it is the real operation of the user to execute the command.

For example, if you go shopping on a certain network and enter your username and password, the attacker reuses your username and password on another page. Such as sending emails, sending messages, stealing your account, even buying goods, and transferring money in virtual currency.

So the harm is quite serious, let's use a picture to show the process.

As for whether you can withstand the temptation, it depends on the individual. Sometimes we click on a link but don't do anything, but the money on the bank card is gone. Do you know why? We can simulate this process.

Why is your money gone?

In fact, this step is the same as the picture just now. Now there is a transfer between Zhang San and Li Si.

1. Zhang San gave Li Si 100 yuan and performed the following actions:

Xxx/transfer.php?from= Zhang San & money=100&to= Li Si

Notice that Zhang San did not close the page at this time. I didn't write the prefix here because I couldn't pass the review of the article.

2. If the hacker wants to transfer the money to himself, he will perform the following actions:

Xxx/transfer.php?from= Zhang San & money=100&to= hacker

Obviously, it will fail, because Zhang San will pass his session to the background server through cookie when logging in to the system. At this point, the system checks the identity in the current session and finds that it is incorrect and rejects it.

3. Hackers continue to find ways to use bad websites to induce:

The connection to the website was so colorful that Zhang San couldn't stop, so he clicked on the inducement link A. The message returned to the hacker at this time is:

one

two

three

four

five

six

seven

eight

nine

ten

If Zhang San has just transferred money to Li Si at this time, and the page has not been closed, he will click on this link, then the above operation will be performed. This is because the identity of the hacker at this time is Zhang San's information, and the bank does not know that because it is Zhang San, so it accepts the request.

Third, how to prevent

1. Verification code

This reason is very simple, and it is also the most widely used way at present. CAPTCHA forces the user to interact with the application in order to complete the final request. But the user experience in this way is poor.

2. Referer Check hotlink protection

You can detect whether the request comes from a legitimate source. If the request is not from a legitimate source, a CSRF attack is likely to occur, but the server cannot get the Referer at any time.

3 、 Token

Use dynamic Token. Use a true random number or a key-encrypted string as the token value. For more information, please see token in replay attack Defense. This defense requires paying attention to the complete randomness and validity of token. A token value that is often changed irregularly is often unbreakable.

Thank you for your reading, the above is the content of "what is CSRF", after the study of this article, I believe you have a deeper understanding of what CSRF is, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.