Description:
Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF ("sea-surf") or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts.[2] Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user's browser.
This is a basic CSRF demonstration using Hacme Casino by Jeremiah Talamantes (RedTeam Security). The intent is to provide a basic understanding of what a CSRF attack is and how one is developed and carried out.
Jeremiah Talamantes (labs [] redteamsecure.com) is the founder and Principal Consultant for RedTeam Security. You can visit their site for more information.
Tags: basics
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.