CSRF, Open Redirect & Information Leakage Explained
In the world of cybersecurity, we often hear about sophisticated hacks and complex malware. However, some of the most dangerous vulnerabilities are actually quite simple flaws in how websites handle your requests.
Today, I want to demystify three common terms you might see in bug bounty reports or security news: CSRF, Open Redirect, and Information Leakage.
1. CSRF (Cross-Site Request Forgery)
Imagine you are logged into your bank account in one tab. In another tab, you click a link on a “Free Movie” site. Suddenly, money is transferred from your bank. You didn’t do it, but your browser did.
This is CSRF. It is an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated.
The Real World Analogy: It is like someone forging your signature on a check. The bank sees the signature (your session cookies) and assumes you authorized the payment, even though you didn’t.
2. Open Redirect
An Open Redirect vulnerability happens when a website allows a user to be redirected to another website without validating where they are going.
Scammers love this because it helps them make Phishing links look legitimate. They might send you a link that looks like this:
https://trusted-bank.com/login?redirect=http://hacker-site.com
You see “trusted-bank.com” and think it is safe. But when you click it, the website bounces you immediately to “hacker-site.com,” which shows a fake login page to steal your password.
3. Information Leakage
This is exactly what it sounds like: The website talks too much. When a website crashes or errors out, it should just say “Something went wrong.”
However, poorly configured websites might display:
- Database path locations (e.g., /var/www/html/users/db.sql)
- Software version numbers (e.g., Apache 2.4.49)
- Code logic or comments left by developers.
While this doesn’t hack you directly, it gives hackers the “blueprint” they need to plan a focused attack.
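The following Python is an added example, not code from the original article. It shows the defender's side of the problem: a small scanner that flags the kinds of over-sharing listed above (version banners, file system paths, stack traces, SQL errors, developer comments) in an HTTP response, and a safe error handler that gives the client only a generic message plus an opaque reference id while the details go to the server log. The sample response body and headers, the leak patterns, and the host name `trusted-bank.com` are all constructed for the example.

```python
import logging
import re
import uuid

# Patterns that indicate a response is telling the client more than it should.
# Constructed for this example; extend them for your own stack.
LEAK_PATTERNS = {
    "server_version": re.compile(
        r"\b(Apache|nginx|PHP|OpenSSL|Tomcat|IIS)/?\s?\d+(\.\d+)+", re.I),
    "filesystem_path": re.compile(
        r"(?:/(?:var|etc|home|usr|opt)/[\w./-]+|[A-Za-z]:\\[\w\\.-]+)"),
    "stack_trace": re.compile(
        r"Traceback \(most recent call last\)|\bat [\w.$]+\(\w+\.java:\d+\)|Stack trace:", re.I),
    "sql_error": re.compile(r"SQL syntax|ORA-\d{5}|pg_query|SQLSTATE\[", re.I),
    "dev_comment": re.compile(r"<!--.*?(TODO|FIXME|password|debug).*?-->", re.I | re.S),
}


def find_leaks(body, headers=None):
    """Return the sorted list of leak categories present in a response body
    and (optionally) its headers. An empty list means nothing was flagged."""
    text = body
    if headers:
        text += "\n" + "\n".join(f"{k}: {v}" for k, v in headers.items())
    return sorted(name for name, pat in LEAK_PATTERNS.items() if pat.search(text))


log = logging.getLogger("app")


def safe_error_response(exc):
    """What the client should see when something breaks: a generic message and
    an opaque reference id. The exception itself is logged server-side under
    that id so support staff can still find it. Returns (status, headers, body)."""
    error_id = uuid.uuid4().hex[:12]
    log.error("error %s: %r", error_id, exc, exc_info=exc)
    return 500, {"Content-Type": "text/plain"}, f"Something went wrong. Reference: {error_id}"


# Constructed example of a badly configured server's error page.
LEAKY_BODY = """<h1>Internal Server Error</h1>
Warning: mysqli_query(): You have an error in your SQL syntax in
/var/www/html/users/db.php on line 42
<!-- TODO: remove debug output before launch -->
<hr><address>Apache/2.4.49 (Unix) Server at trusted-bank.com Port 443</address>"""
LEAKY_HEADERS = {"Server": "Apache/2.4.49 (Unix)", "X-Powered-By": "PHP/7.4.3"}

if __name__ == "__main__":
    print("leaky page reveals:", find_leaks(LEAKY_BODY, LEAKY_HEADERS))
    status, headers, body = safe_error_response(RuntimeError("database unreachable"))
    print("safe page reveals:", find_leaks(body, headers), "->", body)
```

Run it over your own error pages (or pipe captured responses through `find_leaks`) to see whether a crash page is handing out a blueprint; the `Server` and `X-Powered-By` headers are checked because version numbers frequently leak there even when the HTML body is clean.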
Summary of Threats
| Vulnerability | The Trick | The Danger |
|---|---|---|
| CSRF | Uses your own logged-in session against you. | Changing passwords, transferring funds, deleting accounts without your consent. |
| Open Redirect | Uses a trusted domain to launch a scam. | Highly effective Phishing attacks that fool even careful users. |
| Info Leakage | Reveals internal system details. | Helps attackers find other vulnerabilities easier. |
- Log Out: Don’t leave sensitive accounts (Bank, Admin panels) logged in when browsing other sites.
- Check the URL Bar: After clicking a link, ensure you are still on the correct domain before entering passwords.
- Use a Browser with Strict Privacy: Modern browsers (Brave, Firefox) often strip cross-site cookies, which blocks most cookie-based CSRF attacks.
Deep Dive (For the Tech-Savvy)
Developers use CSRF Tokens (Anti-Forgery Tokens). This is a random, secret code generated for every session.
When you submit a form (like “Transfer Money”), the website expects this secret code. If the attacker tries to trigger the transfer from a malicious site, they won’t know the code, and the request will be rejected.
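The following Python is an added example, not code from the original article, of the anti-forgery token mechanism just described. It assumes a server-side session store (a plain dictionary here), a hypothetical `/transfer` form, and that the browser sends cookies automatically while only the legitimate page can fill in the hidden token field. The forged request is rejected because the attacker's page never learns the token.

```python
import hmac
import secrets

# Constructed in-memory session store: session id -> session data.
# A real application would use its server-side session backend.
SESSIONS = {}


def create_session():
    """Log a user in: create the session and mint its secret anti-forgery token."""
    session_id = secrets.token_urlsafe(32)
    SESSIONS[session_id] = {"csrf_token": secrets.token_urlsafe(32), "balance": 1000}
    return session_id


def render_transfer_form(session_id):
    """The legitimate page embeds the token in a hidden field. Another origin
    cannot read this HTML, so it cannot copy the token into its forged form."""
    token = SESSIONS[session_id]["csrf_token"]
    return (
        '<form method="POST" action="/transfer">'
        f'<input type="hidden" name="csrf_token" value="{token}">'
        '<input name="amount"><input name="to"><button>Transfer</button></form>'
    )


def handle_transfer(cookies, form):
    """Server-side handler for POST /transfer.
    cookies: sent automatically by the browser (this is what CSRF abuses)
    form: the POST body fields (only a page that knows the token can fill these)
    Returns (http_status, message)."""
    session = SESSIONS.get(cookies.get("session_id"))
    if session is None:
        return 401, "not logged in"
    submitted = form.get("csrf_token", "")
    # Constant-time comparison so the check itself does not leak the token through timing.
    if not hmac.compare_digest(submitted.encode(), session["csrf_token"].encode()):
        return 403, "CSRF token missing or invalid"
    try:
        amount = int(form.get("amount", "0"))
    except ValueError:
        return 400, "invalid amount"
    if amount <= 0 or amount > session["balance"]:
        return 400, "invalid amount"
    session["balance"] -= amount
    return 200, f"transferred {amount} to {form.get('to')}"


if __name__ == "__main__":
    sid = create_session()
    cookies = {"session_id": sid}  # the browser attaches this to every request
    # Forged request from a "Free Movie" page: cookies ride along, token does not.
    print(handle_transfer(cookies, {"amount": "500", "to": "attacker"}))
    # Legitimate request from the bank's own form, which carries the token.
    token = SESSIONS[sid]["csrf_token"]
    print(handle_transfer(cookies, {"amount": "500", "to": "bob", "csrf_token": token}))
```

The token is tied to the session rather than being a site-wide constant, so a token harvested from one account does not work for another; pairing this with `SameSite` cookies gives two independent layers of protection.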
Look at the URL parameters. If you see a URL ending in ?next=, ?url=, or ?redirect=, inspect what comes after it.
If the URL after the equals sign does not belong to the main website, do not click it.
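The same check, done on the server side, is what closes an Open Redirect. The Python below is an added example, not code from the original article: it validates a `?redirect=` value before sending the browser there, accepting only relative paths on the same site or absolute URLs whose host is on an allow list. The host names `trusted-bank.com` and `hacker-site.com` are the article's illustrative ones; the allow list and helper names are constructed for the example. It goes a little beyond the article's single case by also rejecting the common look-alike forms (protocol-relative `//host`, backslash variants, `user@host` tricks, and non-http schemes).

```python
from urllib.parse import urlparse

# Hosts we are willing to redirect to. Constructed for this example.
ALLOWED_HOSTS = {"trusted-bank.com", "www.trusted-bank.com"}


def is_safe_redirect(target, allowed_hosts=ALLOWED_HOSTS):
    """Return True only if `target` stays on our own site."""
    if not target:
        return False
    # Browsers treat backslashes as forward slashes in URLs, so normalise first;
    # otherwise "/\hacker-site.com" would look like a harmless relative path.
    cleaned = target.strip().replace("\\", "/")
    # Control characters inside a redirect value are a sign of tampering.
    if any(ord(c) < 0x20 or c == "\x7f" for c in cleaned):
        return False
    parsed = urlparse(cleaned)
    # Only http(s) or scheme-less targets; this rejects javascript:, data:, etc.
    if parsed.scheme and parsed.scheme.lower() not in ("http", "https"):
        return False
    if parsed.netloc == "":
        # Relative target: must start with exactly one "/" ("//host" is protocol-relative).
        return cleaned.startswith("/") and not cleaned.startswith("//")
    # Absolute target: the real host must be on the allow list. Using .hostname
    # (not .netloc) ignores userinfo and ports, so "trusted-bank.com@hacker-site.com"
    # is seen as hacker-site.com and rejected.
    return (parsed.hostname or "").lower() in allowed_hosts


def safe_redirect_target(target, fallback="/"):
    """Value to put in the Location header: the requested target if it is safe,
    otherwise the site's own fallback page."""
    return target if is_safe_redirect(target) else fallback


if __name__ == "__main__":
    for candidate in ["/account", "https://trusted-bank.com/login",
                      "http://hacker-site.com", "//hacker-site.com/login",
                      "https://trusted-bank.com.hacker-site.com/", "javascript:alert(1)"]:
        print(f"{candidate!r:50} -> {safe_redirect_target(candidate)}")
```

An allow list of exact hosts is deliberately used instead of a "starts with trusted-bank.com" string check, because the latter is exactly what `trusted-bank.com.hacker-site.com` is designed to slip past.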
The Bottom Line
Web security isn’t just about strong passwords. It is about understanding how the web connects things. CSRF exploits trust in your browser, Open Redirect exploits trust in domain names, and Information Leakage exploits bad error handling.
Stay curious, stay skeptical, and keep your sessions secure.