All modern web browsers implement Same Origin Policy (SOP)
on website content. This policy avoids one website from writing
contents of frame that was issued from different domain. This policy was
implemented against Frame Injection flaws. JSON CSRF exploits SOP by
lifting one way restriction on website and allows data from another
website to execute on different domain. This vulnerability is result of
flaw in SOP which treats JavaScript as code and not data. According to
browser policy a code is allowed to get downloaded and execute over a
client browser though original source of script is different.
Full form of JSON is Java Script Object Notification
which is a data transfer format for JavaScript interpreters. It is used
in AJAX based applications as an alternative to standard XML data
transfer format. In these applications requests are made using XMLHttpRequest
to server and server returns data in JSON format. The received data is
proceed on client side. Since JavaScript is used to transmit data than
pure code SOP policy can get exploited to gain data generated by other
applications. This data is transmitted back in form of an array. Thus
due to JSON an XSRF attack can be easily executed on vulnerable site.
From above discussion its quite clear JSON CSRF attacks can be
implemented over a AJAX based website which uses JSON data transfer
format against standard XML data transfer format.
Surely this topic is little wild to
understand for those who don't know JavaScript, AJAX and XML. By the way
in next post we'll see how to find vulnerability and execute attack
using JSON format till then thanks for reading, have a nice time and
keep visiting.
0 comments:
Post a Comment