CSRF Protection

Overview:

This app demonstrates how a CSRF (Cross-Site Request Forgery) attack targets user sessions. It sets up two virtual servers: one with CSRF protection and one without. The protected server ensures secure transactions, allowing the correct data to be saved in the database. The unprotected server, however, is vulnerable to forgery, showing how malicious sites can manipulate user actions and compromise security in the absence of CSRF tokens.

Key Features:

1. Dual Server Setup:

The app launches two virtual servers, one protected with a CSRF token and one without, demonstrating the vulnerability in user session handling.

2. CSRF Protection:

On the server with a CSRF token, users can correctly send money and the data is securely saved to the database, showing how the protection prevents unauthorized requests.

3. Vulnerable Server:

The server without a CSRF token shows the consequences of a CSRF attack: malicious inputs (forgery site values) are accepted and applied, demonstrating the security risk.
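The difference between the two servers can be sketched as follows. This is an added example, not the app's own code: it assumes a per-session (synchronizer) token, and the handler names, in-memory stores and sample values are hypothetical.

```python
import hmac
import secrets

# Constructed in-memory state standing in for the demo's session store and database.
SESSIONS = {}   # session_id -> {"user": ..., "csrf_token": ...}
TRANSFERS = []  # rows "saved to the database"

def login(user):
    """Create a session and bind a random CSRF token to it."""
    session_id = secrets.token_urlsafe(16)
    SESSIONS[session_id] = {"user": user, "csrf_token": secrets.token_urlsafe(32)}
    return session_id

def transfer_unprotected(cookies, form):
    """Server without CSRF protection: the session cookie alone authorizes the write."""
    session = SESSIONS.get(cookies.get("session_id"))
    if session is None:
        return 401
    TRANSFERS.append((session["user"], form["to"], form["amount"]))
    return 200

def transfer_protected(cookies, form):
    """Server with CSRF protection: the form must also carry the session's token."""
    session = SESSIONS.get(cookies.get("session_id"))
    if session is None:
        return 401
    submitted = str(form.get("csrf_token", ""))
    # Constant-time comparison; a missing or wrong token rejects the request.
    if not hmac.compare_digest(submitted.encode(), session["csrf_token"].encode()):
        return 403
    TRANSFERS.append((session["user"], form["to"], form["amount"]))
    return 200

def demo():
    TRANSFERS.clear()
    sid = login("alice")
    cookies = {"session_id": sid}        # the browser attaches this to every request
    token = SESSIONS[sid]["csrf_token"]  # the server embeds this in its own form
    # Constructed cross-site form: it rides on the cookie but cannot read the token.
    forged = {"to": "forgery-site-value", "amount": 500}
    genuine = {"to": "bob", "amount": 25, "csrf_token": token}
    return {
        "unprotected_forged": transfer_unprotected(cookies, forged),
        "protected_forged": transfer_protected(cookies, forged),
        "protected_genuine": transfer_protected(cookies, genuine),
        "saved": list(TRANSFERS),
    }
```

Calling `demo()` shows the forged form being saved by the unprotected handler and rejected with 403 by the protected one, while the genuine form with the token goes through.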
