Cross-Site Request Forgery (CSRF, also written XSRF) is another web-based attack. For a basic understanding, suppose a user's browser is running a script from a good site and, at the same time, a malicious script from a bad site. This can happen when the user has logged into the good site and kept the session alive: for example, the user has logged into Gmail and has not logged off, and is meanwhile browsing other sites, including a bad site that sends a malicious script to the browser. The malicious script can then forge a request to the good site, and because the browser attaches the user's cookie to that request, the good site cannot tell that the request was not sent by the user.
Figure 1
In the figure above, the user logs in and establishes a session with the good site, keeping the session alive. Meanwhile, the user browses a bad site, which runs a malicious script in the browser. The malicious script forges a request to the good site.
Examples of XSRF
A user logs into bank.com and forgets to log off, so the session cookie remains in the browser. If the user is phished into visiting a malicious website, attacker.com, that site can send an HTML page containing a hidden iframe with malicious content: an HTML form whose action targets the bill payment form of bank.com, submitted automatically by a script. In this way the malicious script forges the request on behalf of the user without the user knowing. For illustration, see the script below.
```html
<!-- Page served by attacker.com: a form aimed at bank.com's bill-payment endpoint -->
<form name="BillPayForm" action="http://bank.com/BillPay.php">
  <input type="hidden" name="recipient" value="badguy">
  <!-- ... remaining fields of the bill-payment form ... -->
</form>
<!-- Auto-submit: the browser attaches the user's bank.com session cookie to this request -->
<script>document.BillPayForm.submit();</script>
```
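The point of the example above is that the session cookie alone cannot distinguish the forged submission from a real one, since the browser sends it either way. The following is an added example, not code from the original page or from the course it cites, showing how the bank.com side can reject such a request: the bill-payment endpoint accepts only POST, checks that the request's `Origin` (or `Referer`) header is bank.com itself, and requires a per-session anti-CSRF token that attacker.com's page cannot read. The names `Session`, `Request`, `SITE_ORIGIN`, `SESSION_COOKIE` and `handle_billpay` are assumptions made for this demonstration.

```python
# Added example (not from the original page): server-side CSRF defence for a
# bill-payment endpoint like bank.com/BillPay.php. Session, Request, SITE_ORIGIN,
# SESSION_COOKIE and handle_billpay are names assumed for this demo.
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit

SITE_ORIGIN = "https://bank.com"      # assumed origin of the "good site"
SESSION_COOKIE = "session=abc123"     # constructed: the still-valid login cookie


@dataclass
class Session:
    """Server-side session; the anti-CSRF token is bound to it, not just to the cookie."""
    user: str
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    """Minimal stand-in for an incoming HTTP request."""
    method: str
    headers: dict
    form: dict


def render_billpay_form(session: Session) -> str:
    """The legitimate bank.com form embeds the session's secret token as a hidden field."""
    return (
        '<form action="/BillPay.php" method="POST">'
        f'<input type="hidden" name="csrf_token" value="{session.csrf_token}">'
        '<input name="recipient"></form>'
    )


def same_origin(url: str) -> bool:
    """Compare scheme and host exactly; a prefix check would accept bank.com.evil.example."""
    parts = urlsplit(url)
    site = urlsplit(SITE_ORIGIN)
    return (parts.scheme, parts.netloc) == (site.scheme, site.netloc)


def is_csrf_safe(request: Request, session: Session) -> bool:
    """Two independent checks: where the request came from, and proof it came from our page."""
    # 1. Source check: Origin (or Referer as a fallback) must be bank.com itself.
    source = request.headers.get("Origin") or request.headers.get("Referer")
    if not source or not same_origin(source):
        return False
    # 2. Token check: attacker.com cannot read the token, so a forged form lacks it.
    submitted = request.form.get("csrf_token", "")
    return hmac.compare_digest(submitted, session.csrf_token)


def handle_billpay(request: Request, session: Session) -> tuple:
    """Return (status, message). Both requests in __main__ carry the same cookie."""
    if request.method.upper() != "POST":
        return (405, "bill payment only accepts POST")   # a GET form or link must never pay
    if not is_csrf_safe(request, session):
        return (403, "rejected: possible CSRF")
    return (200, f"paid {request.form['recipient']} for {session.user}")


if __name__ == "__main__":
    s = Session(user="alice")
    # Constructed legitimate submission from the page rendered by bank.com.
    good = Request("POST", {"Origin": SITE_ORIGIN, "Cookie": SESSION_COOKIE},
                   {"recipient": "landlord", "csrf_token": s.csrf_token})
    # Constructed forged submission: the browser still attaches the cookie.
    forged = Request("POST", {"Origin": "https://attacker.com", "Cookie": SESSION_COOKIE},
                     {"recipient": "badguy"})
    print(handle_billpay(good, s))
    print(handle_billpay(forged, s))
```

The token comparison uses `hmac.compare_digest` so that a mismatch is not detectable by timing, and the origin check compares scheme and host exactly rather than by string prefix. Marking the session cookie with the `SameSite` attribute is a complementary browser-side mitigation, since it stops the browser from attaching the cookie to cross-site form submissions in the first place.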
The following figure depicts this in more detail.
Figure 2
Source: GaTech OMSCS – CS 6035: Introduction to Information Security