Project Link

In this project I have shown how the SIMPLE idea behind the protection of CROSS-SITE-REQUEST-FORGERY attacks is implement using CSRF-TOKEN


Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request. With a little help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. If the victim is a normal user, a successful CSRF attack can force the user to perform state changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application. Source : OWASP

How to start

Simple : Download the zip or clone this repository then run the index.php using your localhost server. The Database creation with the Schema of the table is in the dbconfig.php Do read the comment in this files

What I did

Algorithm Used For encryption

-> sha256 for Key and iv encryption
-> openssl for session encryption - method used : AES-256-CBC
-> BCRYPT for csrf_token encryption as this is one way encryption algorithm and we just need to verify the token not decrypt it

CSRF protection methology

-> We get the token from csrf_token.php which is giving me the token plus putting the same token in cookie .
-> We get the token pnly if we visit the index.php that means a attacker has to visit this
-> if not then the token wont be valid
-> Considering a situation if somehow the attacker get a valid token ,then he/she will be using that int the request header in a remote form but this wont be validated as your cookie will be having different token from this
-> You can surely add or contribute in this project to validate the cookie token and header token more precisely