[WEB SECURITY] Defeating nonce/token based CSRF protection
Zinho
zinho at hackerscenter.com
Thu Apr 17 14:17:43 EDT 2008
You're right, Jeroen.
That's why I believe that strong CAPTCHAs are more robust than tokens
(nonces).
The problem with CAPTCHAs is that they are not always practicable. I've
worked to fix CSRF problems in Joomla, and such new CMSs are full of
Ajax features and toggle buttons that are meant to increase usability
and, at least in the case of CSRF, decrease security.
Another solution would be to ask for further user authentication (login
again) before performing "sensitive" actions.
Anyway, in my opinion, there is so little attention to CSRF from web
developers that every time I see the use of tokens in a web
application I pen test, it seems a miracle to me.
--
----
Zinho
Webmaster and Founder
Hackers Center
Internet Security Portal
www.hackerscenter.com
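The two mitigations the post mentions, a session-bound anti-CSRF token and a re-authentication requirement before "sensitive" actions, shown together as an added example (not code from the post or from Joomla). It assumes a server-side session dict with an `id` and a `last_auth` timestamp; the key, TTL and window values are constructed for the example.

```python
import hashlib
import hmac
import secrets
import time

# Constructed for this example; a real deployment loads the key from configuration.
SECRET_KEY = secrets.token_bytes(32)
TOKEN_TTL_SECONDS = 3600        # a token older than this is rejected
REAUTH_WINDOW_SECONDS = 300     # "sensitive" actions need a login within this window


def _mac(session_id, issued_at, nonce):
    msg = "{}:{}:{}".format(session_id, issued_at, nonce).encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def issue_csrf_token(session_id, now=None):
    """Bind a fresh nonce and issue time to the session with an HMAC, so a token
    obtained for one session is useless when submitted with another."""
    issued_at = int(time.time() if now is None else now)
    nonce = secrets.token_hex(16)
    return "{}.{}.{}".format(issued_at, nonce, _mac(session_id, issued_at, nonce))


def verify_csrf_token(session_id, token, now=None):
    """Reject malformed, tampered, expired or cross-session tokens."""
    now = time.time() if now is None else now
    try:
        issued_str, nonce, mac = token.split(".", 2)
        issued_at = int(issued_str)
    except ValueError:
        return False
    if now - issued_at > TOKEN_TTL_SECONDS:
        return False
    # Constant-time comparison so the MAC cannot be recovered byte by byte.
    return hmac.compare_digest(mac, _mac(session_id, issued_at, nonce))


def authorize_action(session, token, sensitive, now=None):
    """Gate a state-changing request: token check first, then, for sensitive
    actions, require that the user re-authenticated recently."""
    now = time.time() if now is None else now
    if not verify_csrf_token(session["id"], token, now):
        return False, "csrf token invalid"
    if sensitive and now - session.get("last_auth", 0) > REAUTH_WINDOW_SECONDS:
        return False, "re-authentication required"
    return True, "ok"
```

The re-authentication check is what protects a toggle button whose token was leaked or predictable: the forged request still fails unless the victim logged in within the last few minutes.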