Cross-Site Request Forgery, also known as a one-click attack or session
riding and abbreviated as CSRF (pronounced "sea-surf") or XSRF, is a
class of malicious exploit of websites. Although this type of attack has
similarities to cross-site scripting (XSS), cross-site scripting
requires the attacker to inject unauthorized code into the vulnerable
website, whereas cross-site request forgery merely causes the browser of
a user the website trusts to transmit requests that user never intended
to send.
GMail is vulnerable to CSRF attacks in the "Change Password"
functionality. The only token used to authenticate the user is the
session cookie, and the browser attaches this cookie automatically to
every request sent to the site, including requests triggered from a
page under a third party's control.
An attacker can create a page that triggers requests to the GMail
"Change Password" functionality; any user who visits the attacker's
page while authenticated to GMail has their password changed to a value
of the attacker's choosing, without any further interaction.
The attack is made easier because the "Change Password" request can be
submitted with the HTTP GET method rather than the POST method that the
"Change Password" form normally uses, so a plain image or link reference
embedded in the attacker's page is enough to trigger it; no script or
auto-submitting form is required.