如何检测CSRF漏洞 [英] How to detect CSRF vulnerabilities

问题描述

有一个网站，如何检测潜在的CSRF漏洞？

given a website, how to detect potential CSRF vulnerabilities?

预先感谢

推荐答案

这是 CSRF 攻击： -

www.evil.com 上诱使受害者浏览的页面包含以下代码：-

A page on www.evil.com that the victim is enticed to browse contains the following code:-

<form method="post" action="https://www.example.com/executeAction">
    <input type="hidden" name="action" value="deleteAllUsers">
</form>

<script>document.forms[0].submit()</script>

当受害者登录到您的网站时（ www.example.com ）作为管理员用户，则表单提交有效，并且所有用户都将从您的系统中删除。

As the victim is logged into your site (www.example.com) as an admin user, the form submission works and all users are deleted from your system.

同步器令牌模式解决此漏洞。当合法用户在服务器上存储并与用户会话配对后，将在您的网站上添加一个加密安全的随机字符串，称为令牌，该令牌称为表单。提交表单后，系统将检查POSTED令牌是否与期望的令牌匹配。任何攻击者都无法从您的站点读取令牌，因为任何跨站点访问均受相同起源政策。

The Synchronizer Token Pattern is the recommended way to fix this vulnerability. This will add a cryptographically secure random string known as the token to your form when loaded on your site by a legitimate user that has been stored on the server side and paired to the user session. When the form is submitted, your system will check that the token POSTed matches the one expected. Any attacker cannot read the token from your site as any cross site access is protected by the Same Origin Policy.

网络安全扫描程序通常可以检测到您网站上的此类漏洞。您可以通过检查浏览器机制提交的表单来手动检查，以查明它们是否包含令牌字段。但是，AJAX提交可以使用其他方法，例如 Origin 标头或 X-Requested-With 。

A web security scanner can usually detect these sort of vulnerabilities on your site. You can check manually by inspecting forms submitted by the browser mechanism to find out if they contain a token field. However, AJAX submissions may use another method such as the Origin header or X-Requested-With.

这篇关于如何检测CSRF漏洞的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！