Cross-Site Scripting (XSS)
Cross-Site Scripting (XSS)
Christopher Lam
December 15, 2008
CMPT-320, Dr. Stefan Robila
Final Project Report
Abstract

As the Internet becomes more and more complex, newly found vulnerabilities continue to develop, and through web-based applications these vulnerabilities are exploited. One of the most common styles of malicious attack that comes to mind is code injection. A form of code injection that is well-liked by many malicious web users and exploits these vulnerabilities is cross-site scripting (XSS). Not only are seventy percent of websites vulnerable to XSS, but it also allows the most powerful kinds of attacks. XSS is very easy to execute and very long and arduous to repair. For this reason, XSS is regarded as the number one and most prevalent website vulnerability on the Internet.

Introduction

Most websites today contain dynamic content, which gives viewers a more interactive and enjoyable experience. Instead of a classic static website, a dynamic website is generated by two different kinds of interactivity: client-side scripting (used to change interface behaviour within a specific web page) and server-side scripting (used to change the supplied page source between pages). In creating a dynamic website, however, you are also making yourself susceptible to a popular and very powerful security vulnerability to which plain static websites are not exposed. This threat is called cross-site scripting (XSS). XSS has come about as a result of defectively constructed code within web-based applications. Attackers direct their attention towards these vulnerabilities and insert malicious content into the client-side browser without the user's knowledge, which allows an attacker to gain access to the user's personal information. Cross-site scripting vulnerabilities have been around for a long time and are found in almost any kind of dynamically generated website. As new XSS threats develop, malicious attackers will continue to discover innovative ways to exploit these weaknesses. It is necessary to have a comprehensive understanding of cross-site scripting because of its significant impact on Internet security worldwide.
Overview

The remainder of this paper is organized as follows. First comes a general description of what cross-site scripting is. Then a short list of the programming languages used in malicious code injections, followed by the different types of XSS attacks. We then describe the reasons why malicious attackers use XSS, and go on to illustrate several possible attack scenarios. This leads to the steps a malicious attacker takes to execute an XSS attack. The next segment explains the consequences of not fixing CSS/XSS holes. Then I demonstrate a practical example of XSS on a testing site. Afterwards, I describe several ways to protect yourself against XSS. Finally, the paper ends with a summary of cross-site scripting.

Cross-Site Scripting

Cross-site scripting (previously abbreviated CSS, but later renamed XSS because it was often confused with Cascading Style Sheets) is a type of computer security vulnerability found in web-based applications that allows malicious web users to inject code into a web page that is viewed by other users. The term "cross-site scripting" originated when a malicious website could potentially load a website in another window and then use JavaScript to read or write information on the other website; the term was later redefined to cover injection. XSS is made possible by faulty code that leaves XSS holes (vulnerabilities on websites that allow attackers to avoid security measures) in the client-side script, allowing malignant code to be inserted. During an attack, everything looks fine to the end user, but in actuality they are subject to a wide variety of threats.

Attackers exploit these vulnerabilities to bypass access controls such as the same-origin policy (a security measure preventing a document or script loaded from one "origin" from getting or setting properties of a document from a different "origin"). XSS is a potentially dangerous vulnerability that is easy to execute and very long and arduous to repair. For this reason, XSS holes are rarely patched: they exist in 7 out of every 10 websites, and take approximately 52 days to fix. Many site owners do not consider an XSS hole to be a big threat, which is a common mistake, because the consequences of an XSS attack against web applications and their users have been proven to be extremely serious. The kinds of web applications most frequently victimized by XSS attacks are search engines, discussion boards, web-based e-mail, and posts. Even the most well-known websites in today's world, such as Google, Yahoo!, MySpace, Facebook, PayPal, and Wikipedia, were once victims and are still very susceptible to many kinds of XSS attacks.

Programming Languages Utilized in XSS Attacks

- Sun Microsystems's Java
- Microsoft's ActiveX
- JavaScript
- Adobe's Flash ActionScript
- HTML or XHTML
- VBScript
- RSS and Atom feeds

The languages most commonly used in XSS attacks are HTML, XHTML, JavaScript, and Adobe's Flash. However, the most popular and potentially the most detrimental language used by malicious attackers is JavaScript.

Types of XSS Attacks

There are three significant types of XSS vulnerability: non-persistent, persistent, and DOM-based (which can be either persistent or non-persistent).

The first type of XSS vulnerability is known as DOM-based. It is also referred to as Type 0 or Local XSS. The Document Object Model (DOM) is a platform for representing HTML, XML, and related languages. In this vulnerability, the problem exists within the page's client-side script. If an attacker hosts a malicious site that loads a vulnerable web page on a client's local system, a script can be injected. The attacker can then run with the privileges of that user's browser in the system's Local Zone. DOM-based vulnerabilities can be either persistent or non-persistent. [1]

The second type of XSS vulnerability is known as non-persistent. It is also referred to as Type 1 or a reflected vulnerability. It is by far the most common type of the three but is not nearly as popular as the others. If a web user provides data to a server-side script that instantly generates a resulting page back to him/herself, a resulting page without HTML encoding can be intercepted by an invalidated user. Malicious client-side code can then be injected into the dynamic page. The attacker can apply a little social engineering (the ability to manipulate someone into performing actions) to persuade a user to follow a malicious URL that injects code into the resulting page. After the attacker has accomplished that, he has full access to that web page's content. [1]

The third and final type of XSS vulnerability is known as persistent. It is also referred to as Type 2, stored, or a second-order vulnerability. This vulnerability is susceptible to the most powerful kinds of attacks. First, data provided to a web application is stored on the server (in a database, file system, or other location). Later it is read back and shown to other users on a web page without any HTML encoding. An example of this is an online discussion or message board that allows users to sign in and post messages for other users to read. Persistent XSS is one of the more prestigious types of vulnerability because the malicious script can be delivered and used more than once. This means an attacker can exploit this vulnerability and affect a large number of users. In addition to the huge number of users already at risk, the web application can also be infected by a cross-site scripting virus or worm. [1]

Reasons Why XSS Vulnerabilities are Exploited

- Account hijacking for identity theft
- Cookie theft/poisoning to acquire sensitive information
- Conducting phishing attacks
- Gaining free access to otherwise paid-for content
- Spying on a user's web browsing habits
- Changing a user's settings
- False advertising
- Defacing a website
- Insertion of hostile content
- Denial of service attacks
- Public defamation of an individual or company
Attack Scenarios

DOM-Based Attack [1]

1. Mallory sends Alice, via e-mail, the URL of a maliciously constructed web page.
2. Alice receives the e-mail and clicks on the link.
3. The malicious web page's JavaScript opens a vulnerable HTML web page locally on Alice's computer.
4. The vulnerable web page containing the JavaScript then executes in the Local Zone on Alice's computer.
5. Now Mallory's malicious script can run commands on Alice's computer with all of Alice's privileges.

This is an example of a cross-site scripting attack via e-mail. [5] Adapted from Paul Lee (paul@ca.ibm.com), I/T Architect, IBM Global Services [5]
Non-Persistent Attack [1]

1. Alice visits Bob's website frequently and logs in with a username and password. Bob's website stores billing information.
2. Mallory notices that Bob's website contains a Type 1 XSS vulnerability.
3. Mallory then cooks up a URL to exploit that vulnerability and sends Alice an e-mail, making it look like it came from Bob (e-mail spoofing).
4. While logged into Bob's website, Alice clicks and views the malicious URL.
5. The malicious script then poses as Bob's website, steals Alice's session cookie, and sends it back to Mallory.
6. With Alice's session cookie, Mallory can steal everything Alice had stored on Bob's website (authentication credentials and billing information).

This is an example of cookie theft and account hijacking. [5] Adapted from Paul Lee (paul@ca.ibm.com), I/T Architect, IBM Global Services [5]
Persistent Attack [1]

1. Bob hosts a website that allows users to post messages that can be viewed by other users at a later time.
2. Mallory notices that Bob's website has a stored XSS vulnerability.
3. Mallory then posts a controversial message (containing the malicious URL) that encourages more users to view it.
4. After viewing the posted message, all the users' session cookies are automatically sent to Mallory's web server without their knowledge.
5. Later on, Mallory can log in as whomever she wants and post messages posing as them.

This is an example of sending an unauthorized request. [5] Adapted from Paul Lee (paul@ca.ibm.com), I/T Architect, IBM Global Services [5]
Steps to an XSS Attack

In order to execute a basic cross-site scripting attack, a malicious attacker follows these four simple steps:

1. Select a target [2]. The first step is to select a target. This is done by searching for an XSS hole in a web-based application on a website. Once you have discovered an XSS hole, you must look to see whether that website uses any kind of cookies. If it does not, then you have failed and must continue to look for another website. If it does, then you have succeeded and it is now possible for you to steal that cookie. You have finally selected a target.

2. Testing [2]. The next step is to decide what kind of XSS hole this website contains, because all XSS holes differ in how they are exploited. You must then run some tests to make sure the output looks authentic. If the website appears to be broken, then you must modify your code until it looks legitimate. When this is complete, you plug in your JavaScript, or another kind of client-side scripting code, directed at the XSS vulnerability.

3. XSS execution [2]. You are finally ready to distribute your malicious URL in any way that might help you launch it. However, you should make sure to hex-encode your URL to make its malicious intent less obvious. Now all you have to do is sit and wait. A more experienced attacker could even use a few redirects and some XSS combos to steal a user's cookie and return the user to the website without them knowing their cookie was even stolen.

4. Decide what to do with the data [2]. Once you get the user to trigger your XSS hole, their cookie will be sent to your CGI script. The last thing to do is to use a program like Websleuth to see if account hijacking is possible.

Adapted from Article #2, admin@cgisecurity.com, "The Cross Site Scripting FAQ"
Compromises to Not Fixing XSS Holes

- Risk of accounts being taken over
- Having a hacker publish a warning about your company not fixing its problems
- Damage to your company's reputation
- Shows lack of security measures
- Shows clients you are irresponsible and not doing anything about your problems
- In turn, creates trust issues: why do business with you if you are not trustworthy? Why do business with a faulty company?

A Practical Example of XSS on a Test Site

This is a simple example of an XSS attack that has been tested on the Acunetix acuform test site. Below is a screenshot of a web-based application with an input field for running a search, which also contains an XSS hole. This is how the website looks before any real malicious code is injected.

[Screenshot: the search form of the test site before any code is injected]

Load the following link in your browser: [2]

After loading the link in the browser, the testing site appears. Then insert the following malicious code into the search field:

    <br><br>please login with the form below before proceeding:<form action="destination.asp"><table><tr><td>login:</td><td><input type=text length=20 name=login></td></tr><tr><td>password:</td><td><input type=text length=20 name=password></td></tr></table><input type=submit value=login></form>

Then click the search button: a malicious login form has now been created and is displayed in the screenshot shown below. This is an example of how easy it is to exploit an XSS hole. With this fake login form, the attacker can now sit and wait as users come and fill out the fake form, allowing their credentials to be stolen. The code entered to create the fake form contains a section, shown above, that mentions destination.asp. This part of the code lets the attacker decide where the fake login form's information will be sent. Afterwards, the user's log-in information is in the hands of the attacker to do with whatever he/she pleases.

[Screenshot: the fake login form rendered inside the search results page]

Another way for an attacker to exploit the XSS hole in this testing site is to inject the code below by distributing this malicious URL. [2]

    %3A%3Cform+action%3D%22test.asp%22%3E%3Ctable%3E%3Ctr%3E%3Ctd%3ELogin%3A%3C%2Ftd%3E%3Ctd%3E%3Cinput+type%3dtext+length%3d20+name%3dlogin%3e%3c%2ftd%3e%3c%2ftr%3e%3ctr%3e%3ctd%3epassword%3a%3c%2Ftd%3E%3Ctd%3E%3Cinput+type%3Dtext+length%3D20+name%3Dpassword%3E%3C%2Ftd%3E%3C%2Ftr%3E%3C%2Ftable%3e%3cinput+type%3dsubmit+value%3dlogin%3e%3c%2fform%3e

Both sets of malicious code result in the same display page shown above. They also have the same effect of stealing a user's credentials. But the second set of malicious code jumps straight to the resulting page, so the user is more easily fooled. Adapted from Jacques Guillaumier [2]
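The hex-encoded URL above is the form such a link takes when it reaches a server: the browser sends the percent-encoded query string, and the server decodes it before echoing it back. The following script is an added example for this report, not code from the paper or from Acunetix, showing how a defender can review access logs for this pattern: it decodes each query parameter (including a second round for double-encoded values) and flags anything that decodes to an HTML tag, a javascript: URL, or an inline event handler. The log lines are constructed for the example; the first one reuses a shortened copy of the paper's encoded fake-login-form URL, and the function and variable names are hypothetical.

```python
"""Detect HTML/script injection hidden in URL-encoded query strings.

Added example (not the paper's code). Log lines are constructed; the first
carries a shortened copy of the hex-encoded payload shown in the paper.
"""
import re
from urllib.parse import parse_qsl, unquote_plus

# Indicators of markup injection after decoding: tag openers, the javascript:
# scheme, and inline event handlers such as onerror=.
SUSPICIOUS = re.compile(
    r"<\s*(form|script|iframe|img|input|svg)\b"
    r"|javascript\s*:"
    r"|\bon[a-z]+\s*=",
    re.IGNORECASE,
)

# Constructed access-log request lines (hypothetical paths and hosts).
LOG_LINES = [
    "GET /search.asp?search=%3A%3Cform+action%3D%22test.asp%22%3E%3Ctable%3E"
    "%3Ctr%3E%3Ctd%3ELogin%3A%3C%2Ftd%3E HTTP/1.1",
    "GET /search.asp?search=cross+site+scripting&page=2 HTTP/1.1",
    "GET /search.asp?q=%253Cscript%253E HTTP/1.1",   # double-encoded
]


def decode_fully(value, max_rounds=3):
    """Percent/plus-decode until the value stops changing (bounded), so that
    single- and double-encoded payloads are compared in the same form."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def flag_query(query):
    """Return {param_name: matched_indicator} for parameters whose decoded
    value contains one of the SUSPICIOUS patterns. parse_qsl already removes
    one layer of encoding; decode_fully handles any extra layers."""
    hits = {}
    for name, raw in parse_qsl(query, keep_blank_values=True):
        match = SUSPICIOUS.search(decode_fully(raw))
        if match:
            hits[name] = match.group(0).lower()
    return hits


def scan_log(lines):
    """Return [(line_number, hits)] for request lines with a suspicious query."""
    findings = []
    for number, line in enumerate(lines, 1):
        parts = line.split()
        path = parts[1] if len(parts) >= 2 else line
        query = path.partition("?")[2]
        hits = flag_query(query)
        if hits:
            findings.append((number, hits))
    return findings


if __name__ == "__main__":
    for number, hits in scan_log(LOG_LINES):
        print(f"line {number}: {hits}")
```

The decoding loop matters because `parse_qsl` strips only one layer of encoding; a value like `%253Cscript%253E` still reads as `%3Cscript%3E` after that, and is only recognisable as a tag after a second pass. The patterns are indicators for log review, not a substitute for output encoding on the server: a legitimate search for the literal text `<script>` will also be flagged, so findings need a human look before any response.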
How to Protect Against XSS

Metacharacters that should be filtered or encoded, with their URL-encoded forms:

CHAR  CODE    CHAR  CODE
/     %2f     \     %5c
<     %3c     >     %3e
{     %7b     }     %7d
(     %28     )     %29
[     %5b     ]     %5d
"     %22     '     %27
?     %3f     @     %40
#     %23     &     %26
:     %3a     =     %3d
%     %25     ;     %3b
|     %7c     ~     %7e
+     %2b     -     %2d

- Never trust input, and always filter out metacharacters.
- Encode locally or at the server.
- View material only from official websites; this eliminates almost 90% of problems.
- Be cautious when opening e-mails from people you do not know, discussion boards, posts, etc.
- Turn off JavaScript in the browser settings.
- In IE, set the security settings to high.
- Filtering systems: server-side algorithms must reject broken HTML.
- Input validation: a form accepting certain fields should have a server-side routine that allows only specific characters (an XSS custom tag library). All other characters would be removed, so the result could not contain a malicious script.

Conclusion

Cross-site scripting is one of the most dangerous and most common website vulnerabilities on the Internet. An XSS attack comes in many forms, ranging from something as small as a pop-up window to something as destructive as a virus or a worm, and worse: XSS is capable of compromising a person's identity. Nobody in this world is ever completely safe from it. As XSS vulnerabilities continue to grow, the best way to protect yourself is to always be on the alert and to know what to do when you come across one.
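The two server-side defences listed above, output encoding and allowlist input validation, are what close the reflected and stored holes described in the "Types of XSS Attacks" section. The following added example (written for this report, not taken from the paper or from any project it cites) shows a reflected search page and a stored message board, each in the vulnerable form that echoes user input verbatim and in the hardened form that HTML-encodes it on output, plus an allowlist check for a login field and a session-cookie header that keeps the cookie out of reach of injected script. The payload reused is the paper's fake-login-form injection; all function and class names are hypothetical.

```python
"""Output encoding and input validation against reflected and stored XSS.

Added example (not the paper's code). FAKE_LOGIN_FORM is the paper's injected
form, trimmed to one line; everything else is hypothetical.
"""
import html
import re
from typing import List, Optional

# The paper's fake-login-form payload, shortened to a single line.
FAKE_LOGIN_FORM = (
    "<br><br>please login with the form below before proceeding:"
    '<form action="destination.asp"><table><tr><td>login:</td>'
    "<td><input type=text length=20 name=login></td></tr></table>"
    "<input type=submit value=login></form>"
)


def render_search_vulnerable(query: str) -> str:
    """Reflected (Type 1) pattern: the search term is echoed back unencoded."""
    return f"<h2>Results for: {query}</h2><p>No results.</p>"


def render_search_safe(query: str) -> str:
    """Same page with HTML output encoding: < > & " ' become entities."""
    return f"<h2>Results for: {html.escape(query, quote=True)}</h2><p>No results.</p>"


class MessageBoard:
    """Stored (Type 2) pattern: posts persist and are shown to later visitors."""

    def __init__(self) -> None:
        self._messages: List[str] = []

    def post(self, text: str) -> None:
        # Stored verbatim, exactly as on Bob's site in the persistent scenario.
        self._messages.append(text)

    def render_vulnerable(self) -> str:
        return "".join(f"<li>{m}</li>" for m in self._messages)

    def render_safe(self) -> str:
        # Encode at the point of output, not at the point of storage.
        return "".join(f"<li>{html.escape(m, quote=True)}</li>" for m in self._messages)


# Allowlist for a login field: letters, digits and a few safe punctuation marks.
_LOGIN_ALLOWED = re.compile(r"[A-Za-z0-9_.@-]{1,64}")


def validate_login_field(value: str) -> Optional[str]:
    """Return the value if it consists only of permitted characters, else None
    (the request should be rejected rather than 'cleaned')."""
    return value if _LOGIN_ALLOWED.fullmatch(value) else None


def contains_raw_tag(rendered: str) -> bool:
    """Check used in the test: does a rendered page still contain a live tag?"""
    return re.search(r"<(form|script|input|img|iframe)\b", rendered, re.I) is not None


def session_cookie_header(session_id: str) -> str:
    """Set-Cookie value for the session: HttpOnly keeps it out of document.cookie
    (the cookie theft in the attack scenarios), Secure keeps it off plaintext."""
    return f"sid={session_id}; Path=/; HttpOnly; Secure; SameSite=Lax"


if __name__ == "__main__":
    print(contains_raw_tag(render_search_vulnerable(FAKE_LOGIN_FORM)))  # True
    print(contains_raw_tag(render_search_safe(FAKE_LOGIN_FORM)))        # False
    board = MessageBoard()
    board.post(FAKE_LOGIN_FORM)
    print(contains_raw_tag(board.render_safe()))                        # False
```

Note that `html.escape` is the right encoding only for text placed in an HTML body or a quoted attribute; data inserted into a script block, a URL, or a CSS value needs the encoding of that context instead. Encoding on output rather than on input is what makes the stored case safe regardless of how the message reached the database.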
References

[1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] Underestimated-Exploit.html
More informationApplication Security Testing. Generic Test Strategy
Application Security Testing Generic Test Strategy Page 2 of 8 Contents 1 Introduction 3 1.1 Purpose: 3 1.2 Application Security Testing: 3 2 Audience 3 3 Test Strategy guidelines 3 3.1 Authentication
More informationChapter 1 Web Application (In)security 1
Introduction xxiii Chapter 1 Web Application (In)security 1 The Evolution of Web Applications 2 Common Web Application Functions 4 Benefits of Web Applications 5 Web Application Security 6 "This Site Is
More informationProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities Protecting a business s IT infrastructure is complex. Take, for example, a retailer operating a standard multi-tier infrastructure
More informationMagento Security and Vulnerabilities. Roman Stepanov
Magento Security and Vulnerabilities Roman Stepanov http://ice.eltrino.com/ Table of contents Introduction Open Web Application Security Project OWASP TOP 10 List Common issues in Magento A1 Injection
More informationWeb applications. Web security: web basics. HTTP requests. URLs. GET request. Myrto Arapinis School of Informatics University of Edinburgh
Web applications Web security: web basics Myrto Arapinis School of Informatics University of Edinburgh HTTP March 19, 2015 Client Server Database (HTML, JavaScript) (PHP) (SQL) 1 / 24 2 / 24 URLs HTTP
More informationFSOEP Web Banking & Fraud: Corporate Treasury Attacks
FSOEP Web Banking & Fraud: Corporate Treasury Attacks Your Presenters Who Are We? Tim Wainwright Managing Director Chris Salerno Senior Consultant Led 200+ penetration tests Mobile security specialist
More informationHYPERTEXT PREPROCESSOR (PHP) VULNERABILITIES, RISKS AND COUNTERMEASURES
HYPERTEXT PREPROCESSOR (PHP) VULNERABILITIES, RISKS AND COUNTERMEASURES Joseph D. Klos Florida State University jdk10d@my.fsu.edu Maxwell A. Galiana Florida State University mag11e@my.fsu.edu Erich M.
More informationCheck list for web developers
Check list for web developers Requirement Yes No Remarks 1. Input Validation 1.1) Have you done input validation for all the user inputs using white listing and/or sanitization? 1.2) Does the input validation
More informationWeb Application Guidelines
Web Application Guidelines Web applications have become one of the most important topics in the security field. This is for several reasons: It can be simple for anyone to create working code without security
More informationwhite paper Malware Security and the Bottom Line
Malware Security Report: Protecting Your BusineSS, Customers, and the Bottom Line Contents 1 Malware is crawling onto web sites everywhere 1 What is Malware? 2 The anatomy of Malware attacks 3 The Malware
More information1. Introduction. 2. Web Application. 3. Components. 4. Common Vulnerabilities. 5. Improving security in Web applications
1. Introduction 2. Web Application 3. Components 4. Common Vulnerabilities 5. Improving security in Web applications 2 What does World Wide Web security mean? Webmasters=> confidence that their site won
More informationYOUR BROWSER WEARS NO CLOTHES
WHITE PAPER YOUR BROWSER WEARS NO CLOTHES YOUR BROWSER WEARS NO CLOTHES Why Fully Patched Browsers Remain Vulnerable Introduction... 3 History... 3 Naked Browser Attacks... 4 Cross Site Scripting... 4
More informationWeb Engineering Web Application Security Issues
Security Issues Dec 14 2009 Katharina Siorpaes Copyright 2009 STI - INNSBRUCK www.sti-innsbruck.at It is NOT Network Security It is securing: Custom Code that drives a web application Libraries Backend
More informationSECURITY ADVISORY. December 2008 Barracuda Load Balancer admin login Cross-site Scripting
SECURITY ADVISORY December 2008 Barracuda Load Balancer admin login Cross-site Scripting Discovered in December 2008 by FortConsult s Security Research Team/Jan Skovgren WARNING NOT FOR DISCLOSURE BEFORE
More informationelearning for Secure Application Development
elearning for Secure Application Development Curriculum Application Security Awareness Series 1-2 Secure Software Development Series 2-8 Secure Architectures and Threat Modeling Series 9 Application Security
More informationAdvanced Web Technology 10) XSS, CSRF and SQL Injection 2
Berner Fachhochschule, Technik und Informatik Advanced Web Technology 10) XSS, CSRF and SQL Injection Dr. E. Benoist Fall Semester 2010/2011 Table of Contents Cross Site Request Forgery - CSRF Presentation
More informationCriteria for web application security check. Version 2015.1
Criteria for web application security check Version 2015.1 i Content Introduction... iii ISC- P- 001 ISC- P- 001.1 ISC- P- 001.2 ISC- P- 001.3 ISC- P- 001.4 ISC- P- 001.5 ISC- P- 001.6 ISC- P- 001.7 ISC-
More informationProject 2: Web Security Pitfalls
EECS 388 September 19, 2014 Intro to Computer Security Project 2: Web Security Pitfalls Project 2: Web Security Pitfalls This project is due on Thursday, October 9 at 6 p.m. and counts for 8% of your course
More informationWeb Application Penetration Testing
Web Application Penetration Testing 2010 2010 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual Property. Will Bechtel William.Bechtel@att.com
More informationNational Information Security Group The Top Web Application Hack Attacks. Danny Allan Director, Security Research
National Information Security Group The Top Web Application Hack Attacks Danny Allan Director, Security Research 1 Agenda Web Application Security Background What are the Top 10 Web Application Attacks?
More informationUnderstanding Cross Site Scripting
Understanding Cross Site Scripting Hardik Shah Understanding cross site scripting attacks Introduction: there are many techniques which a intruder can use to compromise the webapplications. one such techniques
More informationOWASP AND APPLICATION SECURITY
SECURING THE 3DEXPERIENCE PLATFORM OWASP AND APPLICATION SECURITY Milan Bruchter/Shutterstock.com WHITE PAPER EXECUTIVE SUMMARY As part of Dassault Systèmes efforts to counter threats of hacking, particularly
More informationWeb Application Worms & Browser Insecurity
Web Application Worms & Browser Insecurity Mike Shema Welcome Background Hacking Exposed: Web Applications The Anti-Hacker Toolkit Hack Notes: Web Security Currently working at Qualys
More informationCross-site site Scripting Attacks on Android WebView
IJCSN International Journal of Computer Science and Network, Vol 2, Issue 2, April 2013 1 Cross-site site Scripting Attacks on Android WebView 1 Bhavani A B 1 Hyderabad, Andhra Pradesh-500050, India Abstract
More informationIntroduction: 1. Daily 360 Website Scanning for Malware
Introduction: SiteLock scans your website to find and fix any existing malware and vulnerabilities followed by using the protective TrueShield firewall to keep the harmful traffic away for good. Moreover
More informationA Novel Frame Work to Detect Malicious Attacks in Web Applications
Technology, Volume-2, Issue-1, January-March, 2014, pp. 23-28, IASTER 2014, www.iaster.com, Online:2347-5099, Print:2348-0009 A Novel Frame Work to Detect Malicious Attacks in Web Applications N. Jayakanthan
More informationICTN 4040. Enterprise Database Security Issues and Solutions
Huff 1 ICTN 4040 Section 001 Enterprise Information Security Enterprise Database Security Issues and Solutions Roger Brenton Huff East Carolina University Huff 2 Abstract This paper will review some of
More informationIntroduction to Computer Security
Introduction to Computer Security Web Application Security Pavel Laskov Wilhelm Schickard Institute for Computer Science Modern threat landscape The majority of modern vulnerabilities are found in web
More informationPhishing by data URI
Phishing by data URI Henning Klevjer henning@klevjers.com October 22, 2012 1 Abstract Historically, phishing web pages have been hosted by web servers that are either compromised or owned by the attacker.
More informationUsing a Malicious Proxy to Pilfer Data & Wreak Havoc. Edward J. Zaborowski ed@thezees.net
Using a Malicious Proxy to Pilfer Data & Wreak Havoc Edward J. Zaborowski ed@thezees.net Abstract...3 Malicious Web Proxy...3 Becoming the Proxy...3 ARP Spoofing...3 Static Configuration...3 Web Proxy
More informationA Survey on Threats and Vulnerabilities of Web Services
A Survey on Threats and Vulnerabilities of Web Services A Thesis submitted in partial fulfillment of the requirements for the degree of Master of Computer Science and Engineering of Jadavpur University
More informationAMIT KLEIN, FORMER DIRECTOR OF SECURITY AND RESEARCH, SANCTUM
AMIT KLEIN, FORMER DIRECTOR OF SECURITY AND RESEARCH, SANCTUM A whitepaper from Watchfire TABLE OF CONTENTS Introduction 1 Full Explanation The XSS Technique. 1 Scope and Feasibility.. 3 Variations on
More informationAttacks on Clients: Dynamic Content & XSS
Software and Web Security 2 Attacks on Clients: Dynamic Content & XSS (Section 7.1.3 on JavaScript; 7.2.4 on Media content; 7.2.6 on XSS) sws2 1 Recap from last lecture Attacks on web server: attacker/client
More informationWeb application security
Web application security Sebastian Lopienski CERN Computer Security Team openlab and summer lectures 2010 (non-web question) Is this OK? int set_non_root_uid(int uid) { // making sure that uid is not 0
More informationIntegrating Security Testing into Quality Control
Integrating Security Testing into Quality Control Executive Summary At a time when 82% of all application vulnerabilities are found in web applications 1, CIOs are looking for traditional and non-traditional
More informationCommon Security Vulnerabilities in Online Payment Systems
Common Security Vulnerabilities in Online Payment Systems Author- Hitesh Malviya(Information Security analyst) Qualifications: C!EH, EC!SA, MCITP, CCNA, MCP Current Position: CEO at HCF Infosec Limited
More informationGuideline for Prevention of Spyware and other Potentially Unwanted Software
Guideline for Prevention of Spyware and other Potentially Unwanted Software Introduction Most users are aware of the impact of virus/worm and therefore they have taken measures to protect their computers,
More informationØredev 2006. Web application testing using a proxy. Lucas Nelson, Symantec Inc.
Øredev 2006 Web application testing using a proxy Lucas Nelson, Symantec Inc. Agenda What is a proxy? Setting up your environment Pre-login tests Post-login tests Conclusion A man in the middle proxy The
More informationThe only False Positive Free. Web Application Security Scanner
The only False Positive Free Web Application Security Scanner State of Security of Web Applications Verizon: 96% of victims subject to PCI DSS have not achieved compliance. 96% of hack attacks were not
More informationA Tale of the Weaknesses of Current Client-Side XSS Filtering
Call To Arms: A Tale of the Weaknesses of Current Client-Side XSS Filtering Martin Johns, Ben Stock, Sebastian Lekies About us Martin Johns, Ben Stock, Sebastian Lekies Security Researchers at SAP, Uni
More informationKEYWORDS: Internet Applications, Security, Languages, Review and evaluation.
[Madhusudhanan, 4(3): March, 2015] ISSN: 2277-9655 IJESRT INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY WEB SECURITY VULNERABILITY ASSESSMENT AND RECOVERY MACHANISAM M.Madhusudhanan*,
More informationWeb Application Security 101
dotdefender Web Application Security Web Application Security 101 1 Web Application Security 101 As the Internet has evolved over the years, it has become an integral part of virtually every aspect in
More information