Question

What's the usual way logout hashes are handled in PHP?

On a lot of sites there are usually logout hashes to confirm that the user that's logging out is the correct user. How is this usually handled?

Examples

http://domain.com/user/logout/nil4ytwojytjwoytjwy5tw5

nil4ytwojytjwoytjwy5tw5 being the hash


Just an update of my research so that others can see how this works.

I figured out that this type of attack is mainly used with zero-byte images, iframes and such.

If you're logged into SITE A and you're also browsing SITE B, SITE B could place, let's say, an image tag:

<img src="http://SITE_A.com/logout/" width="1" height="1" style="display:none" />

and because the request has actually come from the legitimate logged-in user, the request is processed.

By adding a validation value to important forms, such as account transfer, logout, etc., the hacker cannot get this value and therefore the request would not be executed!

Thanks for your help


Solution

This is to stop CSRF. The value is a "CSRF token", which is a cryptographic nonce (random number) that is stored as a session variable. It is checked to make sure that the request originated from the same site and was not forged from an attacker's site.
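The scheme the answer describes, as an added example in PHP (not code from the original question or answer): a per-session token is generated with `random_bytes`, placed in the logout URL, and checked with `hash_equals` before the session is destroyed. It assumes PHP 7 or later and that the token path segment from `/user/logout/{token}` is made available to the script as `$_GET['token']` (a routing detail not given on the page).

```php
<?php
// Added example: per-session CSRF token protecting a logout URL.
// Assumes a rewrite rule maps /user/logout/{token} to ?token={token}.

session_start();

// Issue one token per session; 32 random bytes, hex-encoded, cannot be
// guessed by a third-party site embedding <img src="/user/logout/...">.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Constant-time comparison against the session copy; a missing token or a
// session with no token issued yet is always rejected.
function csrf_token_valid(?string $candidate): bool
{
    if ($candidate === null || empty($_SESSION['csrf_token'])) {
        return false;
    }
    return hash_equals($_SESSION['csrf_token'], $candidate);
}

// What the site renders into its own logout link (the "hash" in the question).
function logout_link(): string
{
    return '/user/logout/' . urlencode(csrf_token());
}

// Request handler: only a request carrying the session's token logs out.
function handle_logout(?string $token): void
{
    if (!csrf_token_valid($token)) {
        http_response_code(403);
        echo 'Invalid or missing logout token';
        return; // a forged cross-site request stops here
    }
    $_SESSION = [];
    session_destroy();
    echo 'Logged out';
}

handle_logout($_GET['token'] ?? null);
```

The token must never be derivable from the user id or timestamp alone, since a foreign site could then compute it; for actions beyond logout, carrying the same token in a POST form field rather than the URL avoids leaking it through the Referer header and browser history.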

Licensed under: CC-BY-SA with attribution