17 September 2024

What is Cross-site Request Forgery? | Bootcamps

Learn what Cross-site Request Forgery is and why it represents a risk for web applications.

Web applications, like any other software, are susceptible to security flaws. To find these flaws, it is necessary to perform penetration tests, also known as pentests. A penetration test consists of using hacking techniques to find vulnerabilities in a computer system. In the case of web applications, pentesters must learn to identify and exploit the main security flaws of these sites.

Security vulnerabilities, or flaws, are application errors that allow an attacker to cause damage to the system or its data. In other words, vulnerabilities put the application itself, its customers and its developers at risk. They come in different types and therefore carry different levels of risk and impact for the application.

Today, given the large number of web applications in use and their importance for the economy, cyberattacks aimed at this kind of software are very common. It is therefore essential to carry out security audits to verify that an application does not endanger customer data and assets.

In this post we will talk about a very common web cyberattack that affects applications with a certain type of vulnerability, which we explain below. We will show you what Cross-site Request Forgery is and why it represents a danger both to the users of a vulnerable application and to its owners.

What is Cross-site Request Forgery?

Cross-site Request Forgery (CSRF) is a type of web cyberattack that allows an attacker to execute significant actions in an application, through a malicious link, from the victim’s browser. In other words, the attack consists of capturing the request for an action in the application, building a URL from it, and having that URL executed in the victim’s browser through the link.

To better understand how this cyberattack works, why it is so dangerous and what methods exist to prevent it, we will walk through a practical example using the deliberately vulnerable application Damn Vulnerable Web App (DVWA).

Cross-site Request Forgery Example

When an application allows a user’s password to be changed without having to enter the previous password, we are faced with a CSRF-type vulnerability. The process to exploit it is as follows:

Preparation

Before starting this exercise, remember that practising web hacking on a site without permission is illegal. For that reason we will set up a legal practice environment that is completely safe and specifically designed for practising attacks without harming anyone.

To prepare the practice environment, follow these instructions:

Install or open your preferred virtualization program, for example VMware or VirtualBox.
In it, install the deliberately vulnerable Metasploitable 2 virtual machine.
Then install or open a virtual machine with the Kali Linux pentesting operating system.
Finally, for practical purposes, find out the IP addresses of both machines by running the “ifconfig” command in a terminal.

For the purposes of this exercise, we will assume that the IP addresses of these virtual machines are:

Kali machine IP: 192.168.175.128
Metasploitable 2 IP: 192.168.175.130

Execution

With the web hacking practice environment in place, we can practise a Cross-site Request Forgery attack. The step-by-step process is as follows.

Open the Burp Suite program, which comes preinstalled on Kali Linux. Go to the Proxy tab and select the option “Open Browser”.
In that browser, go to the IP address of the Metasploitable 2 machine and click the link that says DVWA.

Sign in to the DVWA app with the default credentials “admin” and “password”. Inside the app, go to the tab that says “DVWA Security” and choose the option “Low”. Then open the tab called “CSRF”. Now return to Burp Suite and, in the “Proxy” tab, activate the button “Intercept is on” to capture requests. Go back to the Burp browser; in the “CSRF” tab you will see the password-change form.

Enter the password you want as “New password” and click “Change”. Then return to the Burp Suite window, where you will see the intercepted request. Right-click on the request and select the option “Copy URL”.

The URL now in the clipboard will automatically change the victim’s password whenever it is visited. To test it, open the link in another browser.
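The flaw exploited in this exercise comes down to the password-change handler acting on any request that arrives with the victim’s session cookie, no matter which page built that request. The following Python model is an added example for this post, not code from DVWA or from the bootcamp. It places a handler in the style of DVWA’s “Low” level next to a hardened one that applies the standard defences: accept the change only over POST, require a per-session anti-CSRF token that a third-party page cannot know, and ask for the current password. The form field names (password_new, password_conf, user_token, password_current) are assumed to follow DVWA’s form, and plain dictionaries stand in for server-side session storage and for the HTTP request.

```python
"""Toy model of a 'change password' endpoint and its CSRF-hardened version.

Added example: a dictionary stands in for the server-side session that the
browser's cookie points at, and a dictionary stands in for the HTTP request.
"""
import hmac
import secrets


def new_session(user: str, password: str) -> dict:
    """Server-side session created at login; the token is tied to this session only."""
    return {"user": user, "password": password, "csrf_token": secrets.token_hex(16)}


def vulnerable_change_password(session: dict, request: dict) -> tuple:
    """Handler in the style of DVWA's 'Low' level: it only checks that the two
    new-password fields match. Because the browser attaches the session cookie
    automatically, a request built by any other site is accepted as well."""
    params = request["params"]
    new = params.get("password_new")
    if new is None or new != params.get("password_conf"):
        return False, "passwords do not match"
    session["password"] = new
    return True, "password changed"


def hardened_change_password(session: dict, request: dict) -> tuple:
    """Same action with three independent defences applied in order."""
    params = request["params"]
    # 1. A state change must not be triggered by a plain GET (a link or <img>).
    if request["method"] != "POST":
        return False, "method not allowed"
    # 2. The form must echo back the secret token issued with this session.
    #    compare_digest keeps the comparison constant-time.
    supplied = params.get("user_token", "")
    if not hmac.compare_digest(supplied.encode(), session["csrf_token"].encode()):
        return False, "invalid anti-CSRF token"
    # 3. Re-authentication: the caller must prove they know the current password.
    if params.get("password_current") != session["password"]:
        return False, "current password is incorrect"
    new = params.get("password_new")
    if new is None or new != params.get("password_conf"):
        return False, "passwords do not match"
    session["password"] = new
    # Rotate the token after a sensitive action so a captured one is single-use.
    session["csrf_token"] = secrets.token_hex(16)
    return True, "password changed"


def forged_request(new_password: str) -> dict:
    """Constructed: the request a crafted link produces when the victim opens it.
    The cookie is added by the browser, but the page that built the link knows
    neither the session's token nor the victim's current password."""
    return {
        "method": "GET",
        "params": {"password_new": new_password, "password_conf": new_password, "Change": "Change"},
    }


def legitimate_request(session: dict, current: str, new_password: str) -> dict:
    """Constructed: what the application's own form submits."""
    return {
        "method": "POST",
        "params": {
            "password_current": current,
            "password_new": new_password,
            "password_conf": new_password,
            "user_token": session["csrf_token"],
        },
    }


def run_demo() -> dict:
    """Exercise both handlers against a forged and a legitimate request."""
    results = {}
    s = new_session("admin", "password")
    results["vulnerable_forged"] = vulnerable_change_password(s, forged_request("hacked"))[0]
    s = new_session("admin", "password")
    results["hardened_forged"] = hardened_change_password(s, forged_request("hacked"))[0]
    results["hardened_forged_password_intact"] = s["password"] == "password"
    results["hardened_legit"] = hardened_change_password(
        s, legitimate_request(s, "password", "N3w-pass"))[0]
    results["hardened_legit_password_updated"] = s["password"] == "N3w-pass"
    return results


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(f"{name}: {outcome}")
```

Running the block shows the forged request succeeding against the vulnerable handler and being rejected by the hardened one at the very first check, while the application’s own form still works. Each of the three checks blocks the forged request on its own; real applications add a SameSite cookie attribute as a further layer, which this model of the server side does not represent.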

How to learn more?

Now you know what Cross-site Request Forgery is and how this web cyberattack is executed. If you want to learn more about web hacking, join our Cybersecurity Full Stack Bootcamp and specialize in just 7 months. Sign up now!
