| Summary: | CSV injection occurs when an attacker injects malicious code into a CSV file, and this code is executed when the file is opened in a spreadsheet program. This type of attack is possible because most spreadsheet programs have a set of built-in functions that run automatically when a CSV file is opened with the spreadsheet program. Given the widespread usage of CSV files and programs that interpret those CSV files, the risk posed by such CSV injection attacks is great.
In this study, I present a browser extension designed to sanitize all downloaded CSV f iles by eliminating any harmful code while preserving the integrity of benign code. The extension does this by first finding all formulas within a CSV file, and determining whether or not each one has the potential to contain malicious code. If the extension determines that a formula may be malicious, it will edit the cell containing that formula so that spreadsheet programs will interpret the cell as text, and will not execute it.
|
|---|