Cross-site request forgery: Difference between revisions

==Other approaches to CSRF==
While typically described as a static attack (a fixed request that works against any logged-in victim), CSRF can also be constructed dynamically: as part of the payload of a [[cross-site scripting]] attack, as demonstrated by the [[Samy (XSS)|Samy]] worm, or on the fly from session information leaked via offsite content and then delivered to the target as a malicious URL. Anti-CSRF tokens can likewise be undermined. An attacker may plant a token of known value in the victim's browser through [[session fixation]] or a similar vulnerability, or, if the token is short or predictable, guess it by brute force from a malicious page that issues thousands of requests until one succeeds. The attack class of "Dynamic CSRF", that is, using a per-client payload for session-specific forgery, was described<ref>{{cite web|url=http://voices.washingtonpost.com/securityfix/2009/07/weaponizing_web_20.html
|archive-url=https://web.archive.org/web/20120528063619/http://voices.washingtonpost.com/securityfix/2009/07/weaponizing_web_20.html
|url-status=dead
|archive-date=May 28, 2012
|title=Security Fix - Weaponizing Web 2.0}}</ref> in 2009 by Nathan Hamiel and Shawn Moyer at the BlackHat Briefings,<ref>[http://www.neohaxor.org/2009/08/11/dynamic-cross-site-request-forgery/ Dynamic CSRF] {{webarchive|url=https://web.archive.org/web/20100213160456/http://www.neohaxor.org/2009/08/11/dynamic-cross-site-request-forgery/ |date=2010-02-13 }}</ref> though the taxonomy has yet to gain wider adoption.
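The two token failure modes mentioned above, brute-force guessing and a token planted through session fixation, are easier to reason about next to the defence that closes them. The following Python is an added example, not code from the article or from any framework: it models a strawman store of short numeric tokens that a malicious page can exhaust, then a token that is 128 bits of randomness HMAC-bound to the session id and is reissued when the session id is rotated at login. The class and function names, the `SERVER_KEY` and the session id strings are all constructed for illustration.

```python
"""Added example (not from the article): CSRF token failure modes next to a
session-bound, high-entropy token.  All names are assumptions for illustration."""
import hashlib
import hmac
import secrets

# Assumed server-side signing key; a real deployment keeps this in a key store.
SERVER_KEY = secrets.token_bytes(32)


class WeakTokenStore:
    """Strawman: a short numeric token per session, bound to nothing else.

    This is the case the text warns about: a malicious page that fires
    thousands of forged requests will eventually hit the right value.
    """

    def __init__(self, digits: int = 4):
        self.digits = digits
        self.tokens: dict[str, str] = {}

    def issue(self, session_id: str) -> str:
        token = f"{secrets.randbelow(10 ** self.digits):0{self.digits}d}"
        self.tokens[session_id] = token
        return token

    def verify(self, session_id: str, token: str) -> bool:
        # Plain == also leaks timing; kept short because the strawman is the point.
        return self.tokens.get(session_id) == token


def brute_force_weak(store: WeakTokenStore, session_id: str) -> int:
    """Attacker side: walk the whole token space; return the attempt that hit."""
    for attempt in range(1, 10 ** store.digits + 1):
        if store.verify(session_id, f"{attempt - 1:0{store.digits}d}"):
            return attempt
    return -1  # unreachable for this store, kept for completeness


def issue_token(session_id: str) -> str:
    """Hardened token: 128-bit nonce plus an HMAC binding it to the session id.

    The nonce length makes guessing hopeless; the binding means a token
    obtained for one session is rejected when replayed against another.
    """
    nonce = secrets.token_hex(16)
    mac = hmac.new(SERVER_KEY, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"


def verify_token(session_id: str, token: str) -> bool:
    """Recompute the MAC for this session and compare in constant time."""
    nonce, sep, mac = token.partition(".")
    if not sep or len(nonce) != 32:
        return False
    expected = hmac.new(SERVER_KEY, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(mac, expected)


def brute_force_strong(session_id: str, attempts: int = 5_000) -> int:
    """Attacker side against the hardened scheme: count random guesses that verify."""
    hits = 0
    for _ in range(attempts):
        guess = f"{secrets.token_hex(16)}.{secrets.token_hex(32)}"
        hits += verify_token(session_id, guess)
    return hits


def login(presented_session_id: str) -> tuple[str, str]:
    """On authentication, discard whatever session id the browser presented
    (it may have been planted by an attacker), mint a fresh one, and issue the
    CSRF token against the new session only.  Rotation, not binding alone, is
    what defeats fixation: a fixed session id is by definition known to the attacker."""
    del presented_session_id  # deliberately ignored: never promote a pre-login id
    new_sid = secrets.token_urlsafe(32)
    return new_sid, issue_token(new_sid)


def fixation_replay_succeeds() -> bool:
    """Session-fixation scenario from the text: the attacker knows a session id
    and the token issued for it, and gets the victim's browser to use that id.
    Returns True only if the planted token is accepted for the victim's
    authenticated session, i.e. only if the defence failed."""
    planted_sid = "attacker-chosen-session-id"      # constructed value
    planted_token = issue_token(planted_sid)         # attacker holds this
    victim_sid, _victim_token = login(planted_sid)   # victim authenticates with it
    return verify_token(victim_sid, planted_token)
```

Against `WeakTokenStore(4)` the exhaustive search always succeeds within 10,000 requests, which is well within what one malicious page can issue; against `issue_token` the same budget of random guesses yields no hits, and `fixation_replay_succeeds()` returns `False` because the token the attacker holds was issued for a session id the victim no longer uses after `login` rotates it. A production check would add per-session rate limiting on failed validations and would also regenerate the token after privilege changes, but the two properties shown here, unguessable and bound to a freshly minted session, are the ones the attacks in the text depend on being absent.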