Overview
Syllabus
Hi my name is Rich
Background
What is the same origin policy?
Same Origin Policy CSRF Quirks
Which Same Origin Policy?
Cookie Scope
Useful Cookie Facts
Recap: Writing Cookies
Double Submit Cookies
Framework Weaknesses
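The double submit cookie pattern and the weakness these slides point at, as an added example that is not part of the original deck: the server accepts a state-changing request when the `csrf` cookie equals the `csrf` form field. Nothing in that check ties the value to the user's session, so an attacker who can write a cookie for the application's domain (the usual route is a subdomain under their control, or a plain-HTTP origin on the same host, since cookie scope ignores both port and scheme) plants a value of their choosing and submits the same value in the form. The hardened variant binds the token to the session id with an HMAC under a server-side secret. The secret, session ids and the attacker's cookie-writing ability are assumptions of this example; the cookie-collision behaviour is modelled by simply letting the planted value be the one the server reads.

```python
import hashlib
import hmac
import secrets

# Assumed server-side secret for the signed variant (constructed for this example).
SERVER_SECRET = secrets.token_bytes(32)


def naive_double_submit_ok(cookies: dict, form: dict) -> bool:
    """Plain double submit: accept when the csrf cookie equals the csrf form field.

    The check only asks "do these two strings match?"; nothing binds the cookie
    to the victim's session, so any party able to set a cookie on the
    application's domain can satisfy it with a value they chose themselves.
    """
    cookie = cookies.get("csrf")
    field = form.get("csrf")
    if not cookie or not field:
        return False
    return hmac.compare_digest(cookie, field)


def make_signed_token(session_id: str) -> str:
    """Signed double submit: token = nonce '.' HMAC(secret, session_id ':' nonce).

    The server issues this value both as the csrf cookie and embedded in the form.
    Because the MAC covers the session id, a token minted for one session
    (for example the attacker's own) does not validate for another.
    """
    nonce = secrets.token_hex(16)
    mac = hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"


def signed_double_submit_ok(cookies: dict, form: dict) -> bool:
    """Accept only if cookie == form field AND the cookie carries a valid MAC
    over the session id from the session cookie."""
    cookie = cookies.get("csrf")
    field = form.get("csrf")
    session_id = cookies.get("session")
    if not (cookie and field and session_id):
        return False
    if not hmac.compare_digest(cookie, field):
        return False
    nonce, sep, mac = cookie.partition(".")
    if not sep or not nonce or not mac:
        return False
    expected = hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(mac, expected)


def attacker_forged_request(victim_session_cookie: str):
    """Model of the cross-site request a victim's browser sends after the attacker
    planted csrf=EVIL for the application's domain (assumption: the attacker can
    write cookies there, e.g. from a subdomain they control or via plain HTTP).

    The browser attaches the victim's real session cookie automatically; the
    attacker-chosen csrf cookie rides along and the attacker's HTML form carries
    the matching field. Which duplicate cookie the server sees first is browser-
    and path-dependent; here the planted value is the one the server reads.
    """
    cookies = {"session": victim_session_cookie, "csrf": "EVIL"}
    form = {"csrf": "EVIL", "action": "transfer", "to": "attacker"}
    return cookies, form


if __name__ == "__main__":
    sid = "victim-session-123"  # constructed session id
    legit = make_signed_token(sid)
    print("legit, naive  :", naive_double_submit_ok({"session": sid, "csrf": legit}, {"csrf": legit}))
    print("legit, signed :", signed_double_submit_ok({"session": sid, "csrf": legit}, {"csrf": legit}))
    c, f = attacker_forged_request(sid)
    print("forged, naive :", naive_double_submit_ok(c, f))   # passes: the bypass
    print("forged, signed:", signed_double_submit_ok(c, f))  # rejected: no valid MAC
```

The signed form only helps if the session id in the cookie is itself something the attacker cannot fix on the victim; if the same cookie-writing capability lets the attacker force a session cookie (session fixation), they can mint a valid token for that session from their own login, which is why the later slides on tying accounts together and SSO matter as much as the token check.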
Cookies Apply to other CSRF Things!
.NET MVC CSRF Protection
Other Frameworks
Single Sign On
How do we mitigate?
Tying Accounts Together
Attack Ideas
OAuth2 Facebook Attack
OAuth2 Attack
Logging into an Attacker Account
Attack Rating
A lot of custom Logic too
How do we fix this?
Practical CSRF Tips
"In-your-face" CSRF
Crashing Browsers
Logging out of Attacker Account
CSRF Protected POST XSS
"Non-Exploitable" XSS example
Generic Takeaways
Whitepaper Content
Taught by
Black Hat