Black Hat : Netflix CSRF Vulnerability

blackhat.jpg

WASHINGTON, DC. You never know what kind of vulnerabilities you’ll see at Black Hat.

I’m sitting in a session now where security researcher Chuck Willis of security research firm Mandiant has just demonstrated a live cross site request forgery attack on popular video site Netflix.

According to Willis the issue was first reported to Netflix 17 months ago. In a nutshell CSRF is an exploitation of the HTTP protocols feature that a web page can include HTML elements that will cause the browser to make a request to any other web site. There are alot of different ways to trigger a CSRF including a simple image file or even just a CSS (cascading style sheet).

In the Netflix live case study, Willis showed how he could add a movie to a user’s queue without a user’s knowledge.

Willis alleged that Netflix used to have even more problems related to CSRF that could have allowed an attacker to change a mailing address for a user. Which means that before Netflix partially fixed their CSRF issue an attacker could have added a movie and then had it sent to them.

As it is an attacker can only add a movie, which Willis admitted isn’t terribly exciting. Though he did say that it could be used as some kind of scam to promote a movie. Where an attacker gets a particular movie added to alot of users lists so that Netflix would have to buy more copies.

Overall Willis alleges that CSRF is a problem that is becoming increasingly prevalent and is also difficult (though not impossible) to detect.

Get the Free Newsletter!

Subscribe to our newsletter.

Subscribe to Daily Tech Insider for top news, trends & analysis

News Around the Web