Other Approaches To CSRF
Additionally, while typically described as a static type of attack, CSRF can also be dynamically constructed as part of a payload for a cross-site scripting attack, as demonstrated by the Samy worm, or constructed on the fly from session information leaked via offsite content and sent to a target as a malicious URL. CSRF tokens could also be sent to a client by an attacker due to session fixation or other vulnerabilities, or guessed via a brute-force attack, rendered on a malicious page that generates thousands of failed requests. The attack class of "Dynamic CSRF", or using a per-client payload for session-specific forgery, was described in 2009 by Nathan Hamiel and Shawn Moyer at the BlackHat Briefings, though the taxonomy has yet to gain wider adoption.
A new vector for composing dynamic CSRF attacks was presented by Oren Ofer at a local OWASP chapter meeting on January 2012 - "AJAX Hammer - Dynamic CSRF".
Read more about this topic: Cross-site Request Forgery
Famous quotes containing the word approaches:
“If I commit suicide, it will not be to destroy myself but to put myself back together again. Suicide will be for me only one means of violently reconquering myself, of brutally invading my being, of anticipating the unpredictable approaches of God. By suicide, I reintroduce my design in nature, I shall for the first time give things the shape of my will.”
—Antonin Artaud (1896–1948)