• Title/Summary/Keyword: Zeroboard

Search Result 1, Processing Time 0.014 seconds

Vulnerability Defense of On-Zeroboard using CSRF Attack (CSRF 공격기법에 대한 제로보드상의 취약점 방어)

  • Kim, Do-Won;Bae, Su-Yeon;An, Beongku
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.14 no.4
    • /
    • pp.57-61
    • /
    • 2014
  • Zeroboard is a public bulletin board that can support PHP and MySQL. It has been used by many people because it is easy to use, but there is no more updates after Zeroboard4. So, there is a problem that its administrator will have nothing to do about it if zeroboard has a vulnerability. In this paper, we will discuss about CSRF(Cross Site request Forgery) which is developed and expanded by XSS(Cross Site Scripting). Also, we will find CSRF attacks and suggest an alternative method using VM-ware. The main features and contributions of the proposed method are as follows. First, make an environment construction using VM-ware and other tools. Second, analyze and prepare vulnerabilities using Proxy server. Performance evaluation will be conducted by applying possible countermeasure.