CSRF Redirector

8 07 2011

Yes, this is a Cross-Site Request Forgery Redirector. If you are a fan of PHP, I am quite certain that you have heard of Chris Shiflett. He presented a CSRF Redirector. The idea is to re-route a GET request made to one site into a POST request against another site, the target. As Chris has turned off his service, I had to rebuild it myself, for educational purposes, I insist.

To recap: Alice had logged in to http://example.com and had an active session. Eve sent a short but malicious link to Alice. That link rendered an HTML page containing a wicked, hidden iframe:

<iframe src="http://[target_site]/csrf_redirect.php?csrf=http://example.com/buy_process.php?pid=7|product=iPad2|price=899" style="display:none"></iframe>

The purpose of the malicious short link was to make a purchase silently on Alice's behalf: the redirector turns the GET request from the iframe into a POST to buy_process.php, and the browser attaches Alice's session cookie to it. You can read more about CSRF in Chris Shiflett's article on CSRF attacks.
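The attack above only works because buy_process.php accepts any POST that arrives with a valid session cookie. The following PHP is an added example written for this post, not the redirector's code and not Chris Shiflett's; it shows what a purchase endpoint like buy_process.php needs so that the forged POST from the hidden iframe is rejected. The function names, the `csrf_token` field name and the `https://example.com` origin are assumptions for illustration.

```php
<?php
// Added example: server-side CSRF defence for a purchase endpoint such as
// buy_process.php. All names here are illustrative, not from the post.

// Mark the session cookie SameSite so the browser will not attach it to a
// top-level cross-site POST in the first place (PHP 7.3+ array form).
session_set_cookie_params([
    'secure'   => true,
    'httponly' => true,
    'samesite' => 'Lax',
]);
session_start();

// Synchronizer token: one random secret per session, rendered into the
// legitimate form. Eve's page cannot read Alice's session, so it cannot
// include the token in the POST it forges.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// The real purchase form carries the token as a hidden field.
function render_buy_form(int $pid, string $product, int $price): string
{
    $token = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="/buy_process.php">'
        . '<input type="hidden" name="csrf_token" value="' . $token . '">'
        . '<input type="hidden" name="pid" value="' . (int)$pid . '">'
        . '<input type="hidden" name="product" value="' . htmlspecialchars($product, ENT_QUOTES, 'UTF-8') . '">'
        . '<input type="hidden" name="price" value="' . (int)$price . '">'
        . '<button type="submit">Buy</button></form>';
}

// Validate a POST: token must match in constant time, and if the browser
// sent an Origin header it must be our own site. A forged POST from the
// redirector fails the token check and carries a foreign Origin.
function csrf_check(array $post, string $sessionToken, ?string $origin, string $siteOrigin): bool
{
    $sent = $post['csrf_token'] ?? '';
    if (!is_string($sent) || $sent === '' || !hash_equals($sessionToken, $sent)) {
        return false;
    }
    if ($origin !== null && $origin !== $siteOrigin) {
        return false;
    }
    return true;
}

// buy_process.php entry point: state-changing work is POST only.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    exit('Purchases must be submitted by POST');
}

$ok = csrf_check(
    $_POST,
    csrf_token(),
    $_SERVER['HTTP_ORIGIN'] ?? null,
    'https://example.com'
);

if (!$ok) {
    // Log the rejection; a burst of these with a foreign Referer is the
    // detection signal for a redirector-style campaign.
    error_log(sprintf(
        'CSRF rejected: ip=%s referer=%s origin=%s',
        $_SERVER['REMOTE_ADDR'] ?? '-',
        $_SERVER['HTTP_REFERER'] ?? '-',
        $_SERVER['HTTP_ORIGIN'] ?? '-'
    ));
    http_response_code(403);
    exit('Request rejected');
}

// Only now is it safe to act on $_POST['pid'], $_POST['product'], $_POST['price'].
```

Two of the three layers (the token and the Origin comparison) are checked in `csrf_check`; the third, the SameSite cookie attribute, stops the browser from sending the session cookie on the cross-site POST at all, so even an endpoint that forgets to call `csrf_check` sees an unauthenticated request rather than Alice's session.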

I could not show the source code here because WordPress trimmed all of my HTML tags, but you can get it from:

Download PHP-CSRF Redirector

I hope this might help you realise how dangerous CSRF is. Enjoy!!
