使用跨站伪造请求(CSRF)来攻击网络设备

CSRF Attacks on Network Devices

文中详细阐述了攻击者利用跨站伪造请求(CSRF)的方法来远程对网络设备开展攻击渗透的具体方法与步骤,阐明通过用户浏览器提交相关命令的操作过程,相关漏洞攻击的例子可有利于建立安全研究和安全审计的概念。

This paper describes in detail the specific measures and steps of attackers in carrying remote penetration attack against network devices with cross- site request forgery( CSRF). Meanwhile,it also explains that the operation of relevant orders submitted by the user's browser and the examples related to loophole attack can be beneficial to establishing the concepts of security research and security audit.