Question

Hey Bob! Click this link: fakebank.lol/transfer?to=223944&amount=2000 Is an example of what type of attack AND what...

Hey Bob! Click this link: fakebank.lol/transfer?to=223944&amount=2000

Is an example of what type of attack AND what is the best defence againts it.

choose the answer below:

Cross-Site Request Forgery & Strong password

Cross-Site Request Forgery & Not using a custom built token system

Session Fixation & Anti-CSRF Token

Session Forgery & Not using a custom built token system

Cross-Site Request Forgery & Anti-CSRF Token

Session Fixation & Strong password

Session Fixation & Not using a custom built token system

Session Forgery & Anti-CSRF Token

Session Forgery & Strong password

Engineering   Computer-Science   
0 0
Add a commentTranscribed image text
Next >

Homework Answers

Answer #1

Cross-Site Request Forgery & Not using a custom built token system

When the fakebank.com generates the HTML view which contains a form, it also adds a hidden input with the value of the token stored in the session. This way when a POST request is received by the fakebank.com it can verify that the hidden input is available or not and it can also compare its value to the value stored in the session.

My preferred method is to do requests with AJAX (XHR/Fetch) that permit custom header and checking on the server side that the custom header exists, but it's opinion based.

0 0
Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
What tools could AA leaders have used to increase their awareness of internal and external issues?...
What tools could AA leaders have used to increase their awareness of internal and external issues? ???ALASKA AIRLINES: NAVIGATING CHANGE In the autumn of 2007, Alaska Airlines executives adjourned at the end of a long and stressful day in the midst of a multi-day strategic planning session. Most headed outside to relax, unwind and enjoy a bonfire on the shore of Semiahmoo Spit, outside the meeting venue in Blaine, a seaport town in northwest Washington state. Meanwhile, several members of...
Using the model proposed by Lafley and Charan, analyze how Apigee was able to drive innovation....
Using the model proposed by Lafley and Charan, analyze how Apigee was able to drive innovation. case:    W17400 APIGEE: PEOPLE MANAGEMENT PRACTICES AND THE CHALLENGE OF GROWTH Ranjeet Nambudiri, S. Ramnarayan, and Catherine Xavier wrote this case solely to provide material for class discussion. The authors do not intend to illustrate either effective or ineffective handling of a managerial situation. The authors may have disguised certain names and other identifying information to protect confidentiality. This publication may not be...
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT