This is actually a pretty little-known attack for some reason. I’m still not quite sure why it hasn’t taken off with more virulence. Generally the attack does fairly benign stuff like automatically logging you out of a website or something else equally lame. But it really can perform nasty functions (like getting an admin to turn you into an admin, etc…).
Digger also showed something that is, surprisingly, a very commonly misunderstood way of fixing a CSRF attack: requiring the form to use the POST method rather than the GET method. That’s super easy to defeat. The only time you can’t defeat it is when you can’t actually enter HTML, but rather all you can do is get a user to click on a link. Another way this is easily defeated is if the user is using ISAPI or other tools that don’t care if the method is GET or POST (it’s actually abstracted from the web developer). Alas…
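The gap between a method check and a real CSRF defence, as an added example that is not from the original post: a handler that only requires POST accepts a cross-site form submission, while one that requires a session-bound token rejects it. The request dictionaries, `SERVER_KEY` and all function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # constructed per-process secret (assumption)

def issue_token(session_id: str) -> str:
    """Token bound to the session; the site embeds it in its own forms."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def post_only_check(request: dict) -> bool:
    """The misunderstood fix: any request is trusted as long as it is a POST."""
    return request["method"] == "POST"

def token_check(request: dict) -> bool:
    """Require a token matching the session, whatever the HTTP method is."""
    session_id = request["cookies"].get("session", "")
    supplied = request["form"].get("csrf_token", "")
    if not session_id or not supplied:
        return False
    expected = issue_token(session_id)
    # Constant-time comparison of the expected and supplied tokens.
    return hmac.compare_digest(expected.encode(), supplied.encode())

def evaluate() -> dict:
    session = "constructed-session-id"  # sample value, not real
    # Form served by the site itself: carries the token.
    same_site = {"method": "POST", "cookies": {"session": session},
                 "form": {"role": "admin", "csrf_token": issue_token(session)}}
    # Submission triggered from another origin: the browser attaches the
    # cookie, but the other origin cannot read the token to include it.
    cross_site = {"method": "POST", "cookies": {"session": session},
                  "form": {"role": "admin"}}
    return {
        "post_only": (post_only_check(same_site), post_only_check(cross_site)),
        "token": (token_check(same_site), token_check(cross_site)),
    }

if __name__ == "__main__":
    for name, (legit, forged) in evaluate().items():
        print(f"{name:10} same-site={legit} cross-site={forged}")
```

Because `token_check` never looks at the method, it behaves the same on stacks where GET and POST are abstracted away from the developer.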
Anyway, I’m out for a few days so this’ll be my last post until the weekend is over. No parties while I’m gone - not unless you save some for me. Have a good weekend!