Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
C
C
chamav2016-03-15 12:42:45
CSRF
chamav, 2016-03-15 12:42:45

What vulnerability can be when CSRF token is equivalent to session id?

Those. I understand that it is necessary that the csrf token be unique and stored in the session.
But I'm working with a legacy project and there CSRF token is the session id
. With each request to the server, the token is added to the request and taken from the cookies like this
req.token =Ext.util.Cookies.get(Main.session_name);
After that, the server is simply checked like this:
$_POST['token'] ==$_COOKIE[$cookie_name] and if they are equal, then we work with the form data
(cookie: sid: 1234567890
req{token: 1234567890})
But I I can’t imagine how such an implementation can be exploited
If we force the user to go to our script that makes a request to the attacked server
then the browser will automatically send a request with the session () taken from the browser, but you can’t force it to send the same sessionid post from the cookies?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
E
Eduard Tsakhlo2017-10-06 19:43:05
How to compose this https request so that the status code is 200/302? 1Reply
A
alex stephen2017-10-31 10:23:35
How to make csrf form protection on a third-party resource? 2Reply
S
SHentai2017-11-01 10:51:12
How to enter the site using XSRF-TOKEN? 1Reply
L
lamzin2020-03-19 14:41:34
Do I need a csrf token in forms in sections of the site that are inaccessible to unauthorized users? 1Reply
A
Anton2020-04-10 21:13:45
CSRF token generation or other php options? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question