I’ve been studying web security again recently and decided to do a POC of CSRF (Cross Site Request Forgery, pronounced "sea surf"). It’s been done and covered many times before, but it is worth discussing given how few people know about the issue.
The link below is a page on my website that logs you out of dslreports.com (my favorite security forum) without you doing anything but viewing the page. It works because the page contains an image tag whose source is the DSLR logout URL; your browser fetches that URL automatically as soon as you view the page.
The problem? If you’ve been to DSLR recently, your browser sends your DSLR cookie along with that request to the logout URL. So YOU did it, not me. What else can someone make you do using your own credentials?
So here’s the link. Don’t click it unless you don’t mind me logging you out of DSLR. (Or, more accurately, me making you log yourself out of DSLR. :) )
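To show the defender's side of the same bug, here is an added example (my own simulation, not code from this post or from dslreports.com) of a logout handler in its cookie-only form beside a hardened one that requires POST, a same-origin Origin/Referer header, and a session-bound anti-CSRF token. The site origin, session store and token secret are constructed for the demo.

```python
import hmac
import hashlib
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Constructed values for the simulation; none of these come from the original post.
SITE_ORIGIN = "https://forum.example"
TOKEN_SECRET = b"server-side-secret-for-demo"
SESSIONS = {"s3ss10n": "alice"}  # session cookie value -> logged-in user


@dataclass
class Request:
    method: str
    headers: dict = field(default_factory=dict)
    cookies: dict = field(default_factory=dict)  # cookies the browser attached on its own
    form: dict = field(default_factory=dict)


def csrf_token(session_id: str) -> str:
    # Token bound to the session, so a token for one session is useless for another.
    return hmac.new(TOKEN_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def logout_vulnerable(req: Request) -> bool:
    # The cookie alone decides. A GET triggered by an <img> on any site carries it,
    # so a third-party page can make the user log themselves out.
    return req.cookies.get("session") in SESSIONS


def same_origin(req: Request) -> bool:
    # Browsers send Origin on cross-site requests; fall back to Referer for older clients.
    # Compare scheme and host exactly so a look-alike host does not pass a prefix check.
    src = req.headers.get("Origin") or req.headers.get("Referer")
    if not src:
        return False
    p = urlsplit(src)
    return f"{p.scheme}://{p.netloc}" == SITE_ORIGIN


def logout_hardened(req: Request):
    sid = req.cookies.get("session")
    if sid not in SESSIONS:
        return False, "no session"
    if req.method != "POST":
        return False, "state change must use POST"  # an <img> can only issue GET
    if not same_origin(req):
        return False, "cross-site origin"
    if not hmac.compare_digest(req.form.get("csrf_token", ""), csrf_token(sid)):
        return False, "missing or wrong csrf token"  # token is never readable by another site
    return True, "logged out"
```

Setting the session cookie with the SameSite attribute adds a second, browser-enforced layer, but the server-side checks above do not depend on it.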