23c3_m4v Logo

CSRF, the Intranet and You

Causes, Attacks and Countermeasures

Veröffentlicht am: 30.12.2006, 11:30 Uhr
Präsentation vom: 30.12.2006, 11:30 Uhr

Teilnehmer: Justus Winter, Martin Johns

Abstract: A detailed introduction to Cross Site Request Forgery. This talk presents the fundamental cause of this vulnerability class and examples of potential attack consequences. The second half of the talk is devoted to avoiding and countering CSRF: Implementing CSRF proof session handling, transparent retrofitting of legacy applications and methods for client side protection.

Speakers: Justus Winter, Martin Johns
Language: en
Date: 2006-12-30
Time: 11:30
Room: Saal 3

More information...