[Owasp-leaders] CSRF

Giorgio Fedon giorgio.fedon at owasp.org
Wed May 29 14:11:40 UTC 2013


A bit difficult, but it could be interesting. Herein I try to explain it better:

http://site/login?user=user&password&redirectifloginsuccessful=362547262349387.externaldomain
http://site/login?user=user&password&redirectifloginsuccessful=273829262349387.externaldomain
...

externaldomain could be blocked, as externaldomain is not site, so
unsafe redirection may not take place.
However, site could try to resolve the externaldomain subdomain as an
additional security check.

CSRF on the login functionality would be good for having more power and
forcing load balancers to perform login faster to trigger the DNS
resolution from the internal server.


On 05/29/2013 03:46 PM, Giorgio Fedon wrote:
> Another scenario is when you need to poison a DNS cache. In that case you
> may need many resolution requests from a lot of different IPs. And maybe
> the function that forces the DNS resolution is in the authenticated area.
>
>
> On 05/29/2013 03:19 PM, gaz Heyes wrote:
>> On 29 May 2013 14:14, Giorgio Fedon <giorgio.fedon at owasp.org> wrote:
>>
>>     Incrimination is something that may happen by forcing a user to do
>>     something illegal.
>>
>>
>> That isn't what I meant. You can assign the IP address of the user to
>> a specific account that has already performed or is about to perform
>> illegal activity.
>


-- 
| Giorgio Fedon, Owasp Italy
|
| In Input Validation 
|            and Output Sanitization, 
|                                   We Trust
--
| Web: https://www.owasp.org/index.php/Italy
|_____________________________________________.
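The weakness discussed above is a redirect check that resolves the attacker-chosen host before deciding anything, which turns the login endpoint into a DNS-resolution trigger. The following is an added example, not code from the thread or from any OWASP project: it contrasts that weak check with a purely syntactic allowlist check, using a counting stand-in for the server's resolver so the difference is visible. The allowlist hosts, the `redirectifloginsuccessful` handling and the `CountingResolver` are assumptions made for the example.

```python
from urllib.parse import parse_qs, urlparse
from typing import Callable, Dict, List, Optional, Tuple

# Hosts a post-login redirect may target (hypothetical allowlist, not from the thread).
ALLOWED_REDIRECT_HOSTS = frozenset({"site", "www.site"})


def redirect_host(value: str) -> str:
    """Host named by a redirectifloginsuccessful value; a bare 'host' or
    'host/path' (as in the thread's URLs) is read as http://host/path."""
    if "://" not in value:
        value = "http://" + value
    return (urlparse(value).hostname or "").lower()


def weak_validate_redirect(value: str, resolve: Callable[[str], Optional[str]]) -> bool:
    """Weak check modelled on the thread: resolve the host first (say, to confirm
    it points at the site's own addresses) and only then compare it. The lookup
    precedes the allowlist decision, so every attacker-chosen label such as
    362547262349387.externaldomain costs the internal resolver one query."""
    host = redirect_host(value)
    if resolve(host) is None:        # unconditional lookup by the internal resolver
        return False
    return host in ALLOWED_REDIRECT_HOSTS


def safe_validate_redirect(value: str) -> bool:
    """Hardened check: a purely syntactic allowlist comparison. Nothing touches
    the network whether the value is accepted or rejected, so the login
    endpoint cannot be driven into issuing DNS queries."""
    return redirect_host(value) in ALLOWED_REDIRECT_HOSTS


class CountingResolver:
    """Stand-in for the server's DNS resolver (constructed for this example):
    records the names it is asked for instead of sending real queries."""
    def __init__(self) -> None:
        self.lookups: Dict[str, int] = {}

    def __call__(self, host: str) -> Optional[str]:
        self.lookups[host] = self.lookups.get(host, 0) + 1
        return "203.0.113.10"        # documentation address; any answer will do here


def check_login_urls(login_urls: List[str]) -> Tuple[List[bool], List[bool], Dict[str, int]]:
    """Run both validators over full login URLs and report the resolver traffic
    the weak one generated. Returns (weak decisions, safe decisions, lookups)."""
    resolver = CountingResolver()
    weak, safe = [], []
    for url in login_urls:
        target = parse_qs(urlparse(url).query).get("redirectifloginsuccessful", [""])[0]
        weak.append(weak_validate_redirect(target, resolver))
        safe.append(safe_validate_redirect(target))
    return weak, safe, resolver.lookups
```

Both validators reject the external targets, but only the weak one has already caused one resolver query per request by the time it does so; the hardened one makes the same decisions with no lookups at all.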