O'Reilly logo

Kali Linux Web Penetration Testing Cookbook by Gilberto Nájera-Gutiérrez

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Performing a cross-site request forgery attack

A cross-site request forgery (CSRF) attack is one which forces authenticated users to perform unwanted actions on the web application they were authenticated to use. This is done using an external site the user has visited and which triggers the action.

In this recipe, we will obtain the information from the application to see what the attacking site needs do to be able to send valid requests to the vulnerable server. Then, we will create a page to simulate the legitimate requests and trick the user into visiting the page while authenticated. The malicious page will then send requests to the vulnerable server and, if the application is open in the same browser, it will perform the actions as if the ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required