Friday, July 24, 2009

Hacking CSRF Tokens using CSS History Hack

Detailed write up on new CSRF Token hack using CSS History:

http://securethoughts.com/2009/07/hacking-csrf-tokens-using-css-history-hack/

Proof of Concept here:

http://www.securethoughts.com/security/csrfcsshistory/csrfscan.html

Best Regards.

No comments:

Post a Comment

Disclaimer

The views, information & opinions expressed in this blog are my own and do not reflect the views of my current or former employers or employees or colleagues.