Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts. Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user's browser. 
Read More about CSRF on wikipeida
so here is our new vulnerability
dp1.jpg (355×246)
in This vulnerability we can show our message Like "Hacked By XYZ" on a particular websites by adding text in url,
see for example :
http://vho.nasa.gov/vxo/metadata.php?id=hacked%20by%20xyz%20www.devilscafe.in
http://vmo.nasa.gov/vxo/metadata.php?id=hacked%20by%20xyz%20www.devilscafe.in
http://vmo.gsfc.nasa.gov/vxo/metadata.php?id=hacked%20by%20xyz%20www.devilscafe.in
You can simple chnage  hacked%20by%20XYZ%20 with your own name to show your message on nasa.gov !!
 [Please don't copy post without giving a Credit or source Link, Thanks]


4 comments:

If you're having issues, Please leave an email address I can contact you on -
I advise you to also "subscribe to the comment feed" and get email updates when I respond to your question.

Hyperlinks are not allowed, Spam/advertising comments will NEVER BE TOLERATED and will be deleted immediately!

Thanks for reading,
Admin

 
Top