Practical CSRF example using Burp Suite
Revision as of 13:43, 31 January 2020 by Nmuehlberger
Introduction
As the internet is now used in fields like e-commerce, finance and healthcare, web applications need to become more and more secure so that attackers cannot exploit vulnerabilities and users' credentials stay safe. Some vulnerabilities are rather common yet not as widely known as they should be. This article deals with one of them, Cross-Site Request Forgery (CSRF). The attack works by injecting malicious code into HTML or similar markup, and it exploits the website's trust in the user's requests. This article shows how such an attack can be performed on an insecure webpage using Burp Suite.