Dynamic CSRF White Paper Posted — Portal - Dave's Blog

Search

Dynamic CSRF White Paper Posted — Portal

2009 Aug 21, 3:13"At Black Hat USA 2009 and Defcon 17 Nathan Hamiel and Shawn Moyer introduced an attack called Dynamic Cross-Site Request Forgery (CSRF). This white paper discusses the attack and discusses several Dynamic CSRF attack vectors." Seems to require sites trying to secure CSRF scenarios using session IDs in their URLs.PermalinkCommentssecurity csrf research browser web technical
Older Entries Creative Commons License Some rights reserved.