1. Computing

5 Reasons Your Ruby Code Is Vulnerable to Attack

By

There are a number of reasons that someone would want to launch a CSRF attack and each has its own unique impact. In explaining these reasons, we've used the names conventionally used in cryptography and information technology. Alice is our typical user and Mallory is a malicious attacker.

1. Mallory wishes to delete or poison data on Site A

The malicious request sent to Site A when Alice inadvertently comes in contact with the HTML tag on Site B may carry a command to delete information, post false information or otherwise deface Site A. The impact of this can be anything from creating new data--which may be an outright defacement, contain disinformation or direct users to another malicious website--to deleting or altering existing data. If Mallory has complete access to the website's interface via Alice's authorization credentials, anything that can be done with Alice's privileges is possible.

2. Mallory wishes to escalate her privileges on Site A.

The malicious request to Site A may create new users with privileges higher than Mallory's current privileges and/or change her own privileges. This could lead to further damages since Mallory would then have direct control over the site's data. As such changes could go unnoticed as because there is no visible change to the site, Mallory could also wait until the webserver logs rotate (possibly deleting the old logs) to perform any further attacks with her escalated privileges,covering her tracks even further.

3. Mallory wishes to lower the privileges of Alice or another user

The malicious request to Site A may delete or alter user authentication information and lock administrators or moderators out of the site. Mallory could use this approach in conjunction with a privilege escalation to attempt to retain control of the site for a longer period of time, or in conjunction with a defacement to prevent administrators from deleting the message.

4. Mallory wishes to cause a denial of service on Site A

The malicious request to Site A may leave the site in a broken or invalid state, denying other users use of and access to Site A. In addition to preventing users and administrators from accessing the site, this broken state may also expose error messages, making valuable information about the internal workings of the website available to Mallory. She can then use this information to launch further attacks on Site A, potentially with more devastating effects.

5. Mallory wishes to frame Alice for an attack or attempted attack on Site A.

Since all malicious requests to Site A will be made by Alice's web browser, any attack caught by the administrators of Site A will appear to have come from Alice. The administrators may remove Alice's privileges, ban Alice from the site, or even have Alice convicted of a crime.
  1. About.com
  2. Computing
  3. Ruby
  4. Ruby on Rails
  5. Security
  6. The Intent and Impact of Cross-Site Request Forgery (CSRF) Attacks

©2014 About.com. All rights reserved.