Security implications of the Cross-Origin Resource Sharing. Gergely Revay
|
|
|
- Justin Gallagher
- 5 years ago
- Views:
Transcription
1 Security implications of the Cross-Origin Resource Sharing Gergely Revay
2 Disclaimer This presentation is purely my opinion and not related to SIEMENS.
3 The Game
4 Agenda What is CORS? Pre-CORS solutions Attacker model What's the problem? Attack Scenarios Solution Demo
5 What is CORS Cross-Origin Resource Sharing HTML5 feature XmlHTTPRequest Load content from another domain on the client-side
6 What is CORS Same-Origin Policy
7 Pre-CORS Many different hacks Proxy in same-origin JSON-P HTML code: <script type="application/javascript" src=" jsonp=parseresponse"> </script> Response Content: parseresponse({"name": "Foo", "Id": 1234, "Rank": 7});
8 How CORS works? 2 different request types: Simple request Not simple request Browser makes the decision
9 The trick simple request HEAD,GET or POST Headers: Accept Accept-Language Content-Language Last-Event-ID Content-Type, but only if the value is one of: application/x-www-form-urlencoded multipart/form-data text/plain
10 The trick NOT simple req
11 Preflight example Preflight request: OPTIONS /cors HTTP/1.1 Origin: Access-Control-Request-Method: PUT Access-Control-Request-Headers: X-Custom-Header Host: api.alice.com Accept-Language: en-us Connection: keep-alive User-Agent: Mozilla/5.0 Preflight response: Access-Control-Allow-Origin: Access-Control-Allow-Methods: GET, POST, PUT Access-Control-Allow-Headers: X-Custom-Header Content-Type: text/html; charset=utf-8
12 Attacker Model c
13 Attacker Model c
14 Attacker Model: Knowledge Does he have internal knowledge? Internal External
15 Attacker Model: Goal Get access to the internal network Attack internal services Steal data from the user.
16 Attacker Model: Location Local Remote
17 What is the problem?
18 Attack scenarios CORS is just a tool, not a vulnerability.
19 Attack scenarios: CSRF recap c
20 Attack Scenarios Multistage CSRF Cross-domain data theft Complex JavaScript attack scenarios Pivoting (BeEF) Network Enumeration File upload CSRF
21 Example: File upload CSRF Content-Disposition: form-data; name="file"; filename="test2.txt" Content-Type: text/plain test
22 <html> <body> <script> function submitrequest() { var xhr = new XMLHttpRequest(); xhr.open("post", " true); xhr.setrequestheader("accept", "text/html,application/xhtml+xml;q=0.9,*/*;q=0.8"); xhr.setrequestheader("accept-language", "de-de,de;q=0.8,en-us;q=0.5,en;q=0.3"); xhr.setrequestheader("content-type", "multipart/form-data; boundary= "); xhr.withcredentials = "true"; var body = " \r\n" + "Content-Disposition: form-data; name=\"file\"; filename=\"test2.txt\"\r\n" + "Content-Type: text/plain\r\n" + "\r\n" + "test3\r\n" + " \r\n"; var abody = new Uint8Array(body.length); for (var i = 0; i < abody.length; i++) abody[i] = body.charcodeat(i); xhr.send(new Blob([aBody])); } </script> <form action="#"> <input type="submit" value="submit request" onclick="submitrequest();" /> </form> </body> </html>
23 Limitations Pretty strong limitations
24 Limitations: Write only requests XmlHttpResponse is not readable if: No Access-Control-Allow-Origins header Source origin is not allowed in A-C-AllowOrigins WithCredentials is true but A-C-A-O=* Bear in mind: the requests are still sent!
25 Limitations: Preflight Req Fails If one of the requirements of the pre-flight request is not satisfied, the original request will not be sent. OPTIONS /cors HTTP/1.1 Origin: Access-Control-Request-Method: PUT Access-Control-Request-Headers: X-Custom-Header Host: api.alice.com Accept-Language: en-us Connection: keep-alive User-Agent: Mozilla/5.0
26 Solution More awareness on the basics of CORS Strict Allow-Origin settings Rejecting Allow-Credential requests Change of mindset: development problem
27 Hardening Can and need to be done on various levels: Webserver Application
28 Hardening: Apache HTTPD mod_headers In config or.htaccess <Directory>, <Location>, <Files> or <VirtualHost> Header set Access-Control-Allow-Origin example.com
29 Hardening: Application Application logic should consider CORS and set the appropriate headers. i.e.: ASP.NET: Response.AppendHeader( "Access-Control-Allow-Origin", "example.com");
30 DEMO No animals were harmed in the making of these demos.
31 Q&A Thank you! Gergely Revay Resources:
Cross-Site Request Forgery in Cisco SG220 series
Cross-Site Request Forgery in Cisco SG220 series Security advisory 12/09/2016 Renaud Dubourguais Nicolas Collignon www.synacktiv.com 5 rue Sextius Michel 75015 Paris Vulnerability description The Cisco
Neat tricks to bypass CSRF-protection. Mikhail
Neat tricks to bypass CSRF-protection Mikhail Egorov @0ang3el About me AppSec Engineer @ Ingram Micro Cloud Bug hunter & Security researcher Conference speaker https://www.slideshare.net/0ang3el @0ang3el
Penetration Test Report
Penetration Test Report Feb 12, 2018 Ethnio, Inc. 6121 W SUNSET BLVD LOS angeles, CA 90028 Tel (888) 879-7439 ETHN.io Summary This document contains the most recent pen test results from our third party
HTML5: Something wicked this way comes. Krzysztof Kotowicz Securing
HTML5: Something wicked this way comes Krzysztof Kotowicz Securing 1 About me security researcher HTML 5 UI redressing / clickjacking xss-track, squid-imposter,... pentester IT security trainer Hacking
CSRF in the Modern Age
CSRF in the Modern Age Sidestepping the CORS Standard Tanner Prynn @tannerprynn In This Talk The State of CSRF The CORS Standard How Not To Prevent CSRF The Fundamentals of HTTP Without cookies: With cookies:
Web Security: Vulnerabilities & Attacks
Computer Security Course. Web Security: Vulnerabilities & Attacks Type 2 Type 1 Type 0 Three Types of XSS Type 2: Persistent or Stored The attack vector is stored at the server Type 1: Reflected The attack
jquery Basic HTTP communication
jquery Basic HTTP communication TAMZ 1 Lab 5 See: http://api.jquery.com/jquery.get/ http://api.jquery.com/jquery.post/ Application deployment Application has to be uploaded to a server Using of FTP/SCP/SFTP
Client-Side Security Using CORS
Università Ca Foscari Venezia Master s Degree programme Second Cycle (D.M. 270/2004) in Informatica Computer Science Final Thesis Client-Side Security Using CORS Supervisor Prof. Focardi Riccardo Candidate
CORS Attacks. Author: Milad Khoshdel Blog: P a g e. CORS Attacks
Author: Milad Khoshdel Blog: https://blog.regux.com Email: miladkhoshdel@gmail.com 1 P a g e Contents What is CORS?...3 How to Test?...4 CORS Checker Script...6 References...9 2 P a g e What is CORS? CORS
RBS NetGain Enterprise Manager Multiple Vulnerabilities of 11
RBS-2018-004 NetGain Enterprise Manager Multiple Vulnerabilities 2018-03-22 1 of 11 Table of Contents Vendor / Product Information 3 Vulnerable Program Details 3 Credits 3 Impact 3 Vulnerability Details
The HTTP protocol. Fulvio Corno, Dario Bonino. 08/10/09 http 1
The HTTP protocol Fulvio Corno, Dario Bonino 08/10/09 http 1 What is HTTP? HTTP stands for Hypertext Transfer Protocol It is the network protocol used to delivery virtually all data over the WWW: Images
last time: command injection
Web Security 1 last time: command injection 2 placing user input in more complicated language SQL shell commands input accidentally treated as commands in language instead of single value (e.g. argument/string
LEARN HOW TO USE CA PPM REST API in 2 Minutes!
LEARN HOW TO USE CA PPM REST API in 2 Minutes! WANT TO LEARN MORE ABOUT CA PPM REST API? If you are excited about the updates to the REST API in CA PPM V14.4 and would like to explore some of the REST
Attacks Against Websites. Tom Chothia Computer Security, Lecture 11
Attacks Against Websites Tom Chothia Computer Security, Lecture 11 A typical web set up TLS Server HTTP GET cookie Client HTML HTTP file HTML PHP process Display PHP SQL Typical Web Setup HTTP website:
Introduction to HTTP. Jonathan Sillito
Introduction to HTTP Jonathan Sillito If you interested in working with a professor next Summer 2011 apply for an NSERC Undergraduate Student Award. Students must have a GPA of 3.0 or higher to be eligible.
Abusing Windows Opener to Bypass CSRF Protection (Never Relay On Client Side)
Abusing Windows Opener to Bypass CSRF Protection (Never Relay On Client Side) Narendra Bhati @NarendraBhatiB http://websecgeeks.com Abusing Windows Opener To Bypass CSRF Protection Narendra Bhati Page
CORS. Константин Якушев MoscowJS 14,
CORS http://cors.kojo.ru Константин Якушев MoscowJS 14, 28.08.2014 http://api.ya.ru http://api.ya.ru http://api.ya.ru http://m.ya.ru? function Fetch() { var Url = "http://api.ya.ru/"; var xhr = new XMLHttpRequest();
ArcGIS Enterprise Security: Advanced. Gregory Ponto & Jeff Smith
Enterprise Security: Advanced Gregory Ponto & Jeff Smith Agenda Focus: Security best practices for Enterprise Server Portal for 10.5.x Features Strongly Recommend: Knowledge of Server and Portal for Security
ArcGIS Enterprise Security. Gregory Ponto & Jeff Smith
ArcGIS Enterprise Security Gregory Ponto & Jeff Smith Agenda Focus: Security best practices for ArcGIS Enterprise ArcGIS Server Portal for ArcGIS 10.5 Features Strongly Recommend: Knowledge of ArcGIS Server
Web Security, Part 2
Web Security, Part 2 CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/
For Bitcoins and Bounties James Kettle
EXPLOITING CORS MISCONFIGURATIONS For Bitcoins and Bounties James Kettle A MORAL STORY WeBuy0day Internal team of security experts Users are all security experts Easily fenced intellectual property Trivial
HTTP Protocol and Server-Side Basics
HTTP Protocol and Server-Side Basics Web Programming Uta Priss ZELL, Ostfalia University 2013 Web Programming HTTP Protocol and Server-Side Basics Slide 1/26 Outline The HTTP protocol Environment Variables
WHITEPAPER APRIL 2018 THE DEFINITIVE GUIDE TO SAME-ORIGIN POLICY. Alex Baker, Ziyahan Albeniz, Emre İyidogan
WHITEPAPER APRIL 2018 THE DEFINITIVE GUIDE TO SAME-ORIGIN POLICY Alex Baker, Ziyahan Albeniz, Emre İyidogan TABLE OF CONTENTS 3 3 4 5 6 6 6 7 7 8 9 10 10 11 13 13 14 15 15 15 17 17 18 19 INTRODUCTION A
Stopping Automated Application Attack Tools
Stopping Automated Application Attack Tools Black Hat 2006 - Amsterdam March, 2006 Gunter Ollmann Director of X-Force Internet Security Systems Introduction Automated Attack Methods Common Protection Strategies
HTTP Security Headers Explained
HTTP Security Headers Explained Scott Sauber Slides at scottsauber.com scottsauber Audience Anyone with a website Agenda What are HTTP Security Headers? Why do they matter? HSTS, XFO, XSS, CSP, CTO, RH,
address view... 3 URL... 3 Method... 3 URL Params... 3 Required... 3 Optional... 3 Data Params... 4 Success Response... 4 Error Response...
CONTENT address view... 3 URL... 3 Method... 3 URL Params... 3 Required... 3 Optional... 3 Data Params... 4 Success Response... 4 Error Response... 4 Sample Call... 4 JQuery/Ajax... 4 Curl... 5 Notes...
Your Scripts in My Page: What Could Possibly Go Wrong? Sebastian Lekies / Ben Stock Martin Johns
Your Scripts in My Page: What Could Possibly Go Wrong? Sebastian Lekies (@slekies) / Ben Stock (@kcotsneb) Martin Johns (@datenkeller) Agenda The Same-Origin Policy Cross-Site Script Inclusion (XSSI) Generalizing
Attacking Web2.0. Daiki Fukumori Secure Sky Technology Inc.
Attacking Web2.0 Daiki Fukumori Secure Sky Technology Inc. Agenda Introduction What Is Web2.0 (from Attackers view) Attacking Same-Origin Policy Advanced Attacking Same-Origin
CS 410/510: Web Basics
CS 410/510: Web Basics Basics Web Clients HTTP Web Servers PC running Firefox Web Server Mac running Chrome Web Clients Basic Terminology HTML JavaScript Terminology Web page consists of objects Each object
Computer Science 571 Exam #1 Prof. Papa Thursday, February 23, 2017, 6:00pm 7:20pm
Computer Science 571 Exam #1 Prof. Papa Thursday, February 23, 2017, 6:00pm 7:20pm Name: Student Id Number: 1. This is a closed book exam. 2. Please answer all questions. 3. Place all answers on the exam
A Forgotten HTTP Invisibility Cloak. BSides Manchester 2017 by Soroush Dalili
A Forgotten HTTP Invisibility Cloak BSides Manchester 2017 by Soroush Dalili About Me A web application security guy Breaker > Builder Love to bypass stuff with a single character e.g. Remember IIS6 file.asp;.jpg
JOE WIPING OUT CSRF
JOE ROZNER @JROZNER WIPING OUT CSRF IT S 2017 WHAT IS CSRF? 4 WHEN AN ATTACKER FORCES A VICTIM TO EXECUTE UNWANTED OR UNINTENTIONAL HTTP REQUESTS WHERE DOES CSRF COME FROM? 6 SAFE VS. UNSAFE Safe GET HEAD
LAMP, WEB ARCHITECTURE, AND HTTP
CS 418 Web Programming Spring 2013 LAMP, WEB ARCHITECTURE, AND HTTP SCOTT G. AINSWORTH http://www.cs.odu.edu/~sainswor/cs418-s13/ 2 OUTLINE Assigned Reading Chapter 1 Configuring Your Installation pgs.
Web Search An Application of Information Retrieval Theory
Web Search An Application of Information Retrieval Theory Term Project Summer 2009 Introduction The goal of the project is to produce a limited scale, but functional search engine. The search engine should
RKN 2015 Application Layer Short Summary
RKN 2015 Application Layer Short Summary HTTP standard version now: 1.1 (former 1.0 HTTP /2.0 in draft form, already used HTTP Requests Headers and body counterpart: answer Safe methods (requests): GET,
React Native. HTTP/Fetch Sending data
React Native HTTP/Fetch Sending data 1 Sending data to web server Two methods GET requests include all required data in the URL. POST requests supply additional data from the client (browser) to the server
Security Research Advisory IBM WebSphere Portal Cross-Site Scripting Vulnerability
Security Research Advisory IBM WebSphere Portal Cross-Site Scripting Vulnerability Table of Contents SUMMARY 3 VULNERABILITY DETAILS 3 TECHNICAL DETAILS 4 LEGAL NOTICES 5 Secure Network - Security Research
Controller/server communication
Controller/server communication Mendel Rosenblum Controller's role in Model, View, Controller Controller's job to fetch model for the view May have other server communication needs as well (e.g. authentication
Abysssec Research. 1) Advisory information. 2) Vulnerability Information
Abysssec Research 1) Advisory information Title : Personal.Net Portal Multiple Vulnerabilities Affected : Personal.Net Portal Version 2.8.1 Discovery : www.abysssec.com Vendor : http://www.dotnet-portal.net/home.tab.aspx
JOE WIPING OUT CSRF
JOE ROZNER @JROZNER WIPING OUT CSRF IT S 2017 WHAT IS CSRF? 4 WHEN AN ATTACKER FORCES A VICTIM TO EXECUTE UNWANTED OR UNINTENTIONAL HTTP REQUESTS WHERE DOES CSRF COME FROM? LET S TALK HTTP SAFE VS. UNSAFE
Making the web secure by design
Making the web secure by design Glenn ten Cate Security Engineer @Schuberg Philis Riccardo ten Cate Security Researcher Agenda Why SKF What you will get/learn Stages of development Intro & how to Hands
Assignment, part 2. Statement and concepts INFO-0010
Assignment, part 2 Statement and concepts INFO-0010 Outline Statement Implementation of concepts Objective Mastermind game using HTTP GET and HTTP POST methods The platform Architecture Root page ("/")
Threat Landscape 2017
Pattern Recognition and Applications Lab WEB Security Giorgio Giacinto giacinto@diee.unica.it Computer Security 2018 Department of Electrical and Electronic Engineering University of Cagliari, Italy Threat
EDA095 HTTP. Pierre Nugues. March 30, Lund University
EDA095 HTTP Pierre Nugues Lund University http://cs.lth.se/pierre_nugues/ March 30, 2017 Covers: Chapter 6, Java Network Programming, 4 rd ed., Elliotte Rusty Harold Pierre Nugues EDA095 HTTP March 30,
Multi-Post XSRF Web App Exploitation, total pwnage
Multi-Post XSRF Web App Exploitation, total pwnage Adrien de Beaupré SANS ISC Handler Tester of pens Certified SANS Instructor Intru-Shun.ca Inc. SecTor 2015 Introduction Web application vulnerabilities.
Project Insecurity - insecurity.sh OpenEMR v Vulnerability Report
Project Insecurity - insecurity.sh OpenEMR v5.0.1.3 - Vulnerability Report TABLE OF CONTENTS 1.0 - Abstract 3 1.1 - Methodology 3 1.2 - Credits 3 1.3 - Disclosure Timeline 3 2.0 - Patient Portal Authentication
Introduction to Ethical Hacking
Introduction to Ethical Hacking Summer University 2017 Seoul, Republic of Korea Alexandre Karlov Today Some tools for web attacks Wireshark How a writeup looks like 0x04 Tools for Web attacks Overview
CNIT 129S: Securing Web Applications. Ch 3: Web Application Technologies
CNIT 129S: Securing Web Applications Ch 3: Web Application Technologies HTTP Hypertext Transfer Protocol (HTTP) Connectionless protocol Client sends an HTTP request to a Web server Gets an HTTP response
Umbra. Embedded Web Security through Application-Layer Firewalls. 1st Workshop on the Security of Cyber-Physical Systems 22 September 2015
Umbra Embedded Web Security through Application-Layer Firewalls Travis Finkenauer J. Alex Halderman 1st Workshop on the Security of Cyber-Physical Systems 22 September 2015 Travis Finkenauer (University
Unraveling the Mysteries of J2EE Web Application Communications
Unraveling the Mysteries of J2EE Web Application Communications An HTTP Primer Peter Koletzke Technical Director & Principal Instructor Common Problem What we ve got here is failure to commun cate. Captain,
Tutorial: Web Application Security
Gerhard de Koning Gans - g.dekoninggans@cs.ru.nl - October 19, 2009 Tutorial: Web Application Security A good programmer is someone who always looks both ways before crossing a oneway street. - Doug Linder
Session 15. RESTful Services Part 3. Lecture Objectives
Session 15 RESTful Services Part 3 1 Lecture Objectives Understand how to pass parameters from the URL to a Web service Understand how to return values from a Web service using the @Produces annotation
Using OAuth 2.0 to Access ionbiz APIs
Using OAuth 2.0 to Access ionbiz APIs ionbiz APIs use the OAuth 2.0 protocol for authentication and authorization. ionbiz supports common OAuth 2.0 scenarios such as those for web server, installed, and
Penetration: from application down to OS
December 27, 2009 Penetration: from application down to OS Getting OS access using Apache Geronimo Application Server vulnerabilities Digitаl Security Research Group (DSecRG) Stanislav Svistunovich research@dsec.com
We Still Don t Have Secure Cross-Domain Requests: an Empirical Study of CORS
We Still Don t Have Secure Cross-Domain Requests: an Empirical Study of CORS Jianjun Chen Tsinghua University Shuo Chen Microsoft Research Jian Jiang Shape Security Vern Paxson UC Berkeley, ICSI Haixin
VULNERABILITY ADVISORY
VULNERABILITY ADVISORY Title ManageEngine OpManager Multiple Authenticated RCE Vulnerabilities Date Released 19/06/2018 Author Vendor Website Affected Software Denis Andzakovic https://www.manageengine.com/network-monitoring/
Harnessing the Power of HTML5 WebSocket to Create Scalable Real-time Applications. Brian Albers & Peter Lubbers, Kaazing
Harnessing the Power of HTML5 WebSocket to Create Scalable Real-time Applications Brian Albers & Peter Lubbers, Kaazing 1 About Peter Lubbers Director of Documentation and Training, Kaazing Co-Founder
Controller/server communication
Controller/server communication Mendel Rosenblum Controller's role in Model, View, Controller Controller's job to fetch model for the view May have other server communication needs as well (e.g. authentication
Postman User Guide. Document Reference: July Version: 2
Postman User Guide Document Reference: 8314 July 2017 Version: 2 Version Number Date Author Changes 1 Sep 2015 Sam Smith 2 Jul 2017 Sam Smith Branding updated Page 1 Contents 1 Introduction... 3 2 Downloading...
CSE361 Web Security. Attacks against the client-side of web applications. Nick Nikiforakis
CSE361 Web Security Attacks against the client-side of web applications Nick Nikiforakis nick@cs.stonybrook.edu Despite the same origin policy Many things can go wrong at the client-side of a web application
s642 web security computer security adam everspaugh
s642 computer security web security adam everspaugh ace@cs.wisc.edu review memory protections / data execution prevention / address space layout randomization / stack protector Sandboxing / Limit damage
Web Attacks CMSC 414. September 25 & 27, 2017
Web Attacks CMSC 414 September 25 & 27, 2017 Overview SQL Injection is frequently implemented as a web-based attack, but doesn t necessarily need to be There are a wide variety of web-based attacks Some
How browsers talk to servers. What does this do?
HTTP HEADERS How browsers talk to servers This is more of an outline than a tutorial. I wanted to give our web team a quick overview of what headers are and what they mean for client-server communication.
Robust Defenses for Cross-Site Request Forgery
Robust Defenses for Cross-Site Request Forgery Tsampanaki Nikoleta Lilitsis Prodromos Gigis Petros Paper Authors: Adam Barth, Collin Jackson, John C. Mitchell Outline What is CSRF attack? What is a login
Harnessing the Power of HTML5 WebSocket to Create Scalable Real-Time Applications. Peter Lubbers Kaazing
Harnessing the Power of HTML5 WebSocket to Create Scalable Real-Time Applications Peter Lubbers Kaazing Wer ist dieser Kerl? > Director of Documentation and Training, Kaazing > Co-Founder San Francisco
HTTP Request Handling
Islamic University of Gaza Faculty of Engineering Department of Computer Engineering ECOM 5049 Advanced Internet Technology Lab Lab # 5 HTTP Request Handling El-masry March, 2014 Objectives To be familiar
Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any
OWASP Top 10 Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any tester can (and should) do security testing
HTML5 Web Security. Thomas Röthlisberger IT Security Analyst
HTML5 Web Security Thomas Röthlisberger IT Security Analyst thomas.roethlisberger@csnc.ch Compass Security AG Werkstrasse 20 Postfach 2038 CH-8645 Jona Tel +41 55 214 41 60 Fax +41 55 214 41 61 team@csnc.ch
World Wide Web, etc.
World Wide Web, etc. Alex S. Raw data-packets wouldn t be much use to humans if there weren t many application level protocols, such as SMTP (for e-mail), HTTP & HTML (for www), etc. 1 The Web The following
HTML5 Web Security. Thomas Röthlisberger IT Security Analyst
HTML5 Web Security Thomas Röthlisberger IT Security Analyst thomas.roethlisberger@csnc.ch Compass Security AG Werkstrasse 20 Postfach 2038 CH-8645 Jona Tel +41 55 214 41 60 Fax +41 55 214 41 61 team@csnc.ch
Hacking Web Sites 3) Insecure Direct Object Reference
Hacking Web Sites 3) Insecure Direct Object Reference Emmanuel Benoist Spring Term 2017 Berner Fachhochschule Haute cole spcialise bernoise Berne University of Applied Sciences 1 Table of Contents Introduction
Content Security Policy
About Tim Content Security Policy New Tools for Fighting XSS Pentester > 10 years Web Applications Network Security Products Exploit Research Founded Blindspot Security in 2014 Pentesting Developer Training
Building next-gen Web Apps with WebSocket. Copyright Kaazing Corporation. All rights reserved.
Building next-gen Web Apps with WebSocket Copyright 2011 - Kaazing Corporation. All rights reserved. Who am I? Graham Gear Solution Architect, with Kaazing, purveyors of HTML5 enabling tech Based in London,
The HTTP Protocol HTTP
The HTTP Protocol HTTP Copyright (c) 2013 Young W. Lim. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later
Cross-Site Request Forgery (CSRF) Attack Lab
Laboratory for Computer Security Education 1 Cross-Site Request Forgery (CSRF) Attack Lab (Web Application: Collabtive) Copyright c 2006-2011 Wenliang Du, Syracuse University. The development of this document
HTTP Security. CSC 482/582: Computer Security Slide #1
HTTP Security CSC 482/582: Computer Security Slide #1 Topics 1. How HTTP works 2. HTTP methods, headers, and responses 3. URIs, URLs, and URNs 4. Statelessness 5. Cookies 6. More HTTP methods and headers
CIS 4360 Secure Computer Systems XSS
CIS 4360 Secure Computer Systems XSS Professor Qiang Zeng Spring 2017 Some slides are adapted from the web pages by Kallin and Valbuena Previous Class Two important criteria to evaluate an Intrusion Detection
ModSecurity Use Case: Web 2.0 Defense with Ajax Fingerprinting and Filtering
ModSecurity Use Case: Web 2.0 Defense with Ajax Fingerprinting and Filtering Ajax is fast becoming an integral part of new generation Web applications known as Web 2.0 applications. This evolution has
Progress Exchange June, Phoenix, AZ, USA 1
1 COMP-1: Securing your web application against hackers Edwin Lijnzaad & Ronald Smits Consultants Agenda Introduction Issues How to... Questions 2 COMP-1: Securing your web application against hackers
Web Browser Security. CSC 482/582: Computer Security Slide #1
Web Browser Security CSC 482/582: Computer Security Slide #1 Topics 1. HTML 2. JavaScript, JSON, and the DOM 3. Same Origin Policy (SOP) 4. XHR and Ajax 5. Cross-Origin Resource Sharing (CORS) 6. Extensions
Configuring User Defined Patterns
The allows you to create customized data patterns which can be detected and handled according to the configured security settings. The uses regular expressions (regex) to define data type patterns. Custom
Ajax Ajax Ajax = Asynchronous JavaScript and XML Using a set of methods built in to JavaScript to transfer data between the browser and a server in the background Reduces the amount of data that must be
Reflected XSS Cross-Site Request Forgery Other Attacks
Reflected XSS Cross-Site Request Forgery Other Attacks CS 166: Introduction to Computer Systems Security 2/21/18 XSS, CSRF, Other Attacks 1 Reflected XSS 2/21/18 XSS, CSRF, Other Attacks 2 Recap of Persistent
epldt Web Builder Security March 2017
epldt Web Builder Security March 2017 TABLE OF CONTENTS Overview... 4 Application Security... 5 Security Elements... 5 User & Role Management... 5 User / Reseller Hierarchy Management... 5 User Authentication
Kerberos and Single Sign On with HTTP
Kerberos and Single Sign On with HTTP Joe Orton Red Hat Overview Introduction The Problem Current Solutions Future Solutions Conclusion Introduction WebDAV: common complaint of poor support for authentication
Ethical Hacking as a Professional Penetration Testing Technique ISSA Southern Tier & Rochester Chapters
Ethical Hacking as a Professional Penetration Testing Technique ISSA Southern Tier & Rochester Chapters - Durkee Consulting, Inc. Background Founder of Durkee Consulting since 1996 Founder of Rochester
RBS NetGain Enterprise Manager Web Interface Multiple Vulnerabilities of 9
RBS-2017-003 NetGain Enterprise Manager Web Interface Multiple Vulnerabilities 2018-03-22 1 of 9 Table of Contents Vendor / Product Information 3 Vulnerable Program Details 3 Credits 3 Impact 3 Vulnerability
CSE392/ISE331. Web Security Goals & Workings of the Web. Nick Nikiforakis
CSE392/ISE331 Web Security Goals & Workings of the Web Nick Nikiforakis nick@cs.stonybrook.edu Goals of Web Security Safely browse the Web A malicious website cannot steal information from or modify legitimate
shortcut Tap into learning NOW! Visit for a complete list of Short Cuts. Your Short Cut to Knowledge
shortcut Your Short Cut to Knowledge The following is an excerpt from a Short Cut published by one of the Pearson Education imprints. Short Cuts are short, concise, PDF documents designed specifically
Comet and WebSocket Web Applications How to Scale Server-Side Event-Driven Scenarios
Comet and WebSocket Web Applications How to Scale Server-Side Event-Driven Scenarios Simone Bordet sbordet@intalio.com 1 Agenda What are Comet web applications? Impacts of Comet web applications WebSocket
COSC 2206 Internet Tools. The HTTP Protocol
COSC 2206 Internet Tools The HTTP Protocol http://www.w3.org/protocols/ What is TCP/IP? TCP: Transmission Control Protocol IP: Internet Protocol These network protocols provide a standard method for sending
Web, HTTP and Web Caching
Web, HTTP and Web Caching 1 HTTP overview HTTP: hypertext transfer protocol Web s application layer protocol client/ model client: browser that requests, receives, displays Web objects : Web sends objects
Security of. Cookies
Security of Cookies Cookies are the way HTTP ensures that users who send a request to a website are allowed access to visit restricted areas. This paper will examine the topic of cookie security by evaluating
Web Security. Jace Baker, Nick Ramos, Hugo Espiritu, Andrew Le
Web Security Jace Baker, Nick Ramos, Hugo Espiritu, Andrew Le Topics Web Architecture Parameter Tampering Local File Inclusion SQL Injection XSS Web Architecture Web Request Structure Web Request Structure
A Server- and Browser-Transparent CSRF Defense for Web 2.0 Applications
A Server- and Browser-Transparent CSRF Defense for Web 2.0 Applications Riccardo Pelizzi System Security Lab Department of Computer Science Stony Brook University December 8, 2011 1 / 18 Riccardo Pelizzi
WEB SECURITY: XSS & CSRF
WEB SECURITY: XSS & CSRF CMSC 414 FEB 22 2018 Cross-Site Request Forgery (CSRF) URLs with side-effects http://bank.com/transfer.cgi?amt=9999&to=attacker GET requests should have no side-effects, but often
Common Websites Security Issues. Ziv Perry
Common Websites Security Issues Ziv Perry About me Mitnick attack TCP splicing Sql injection Transitive trust XSS Denial of Service DNS Spoofing CSRF Source routing SYN flooding ICMP
Composer Help. Web Request Common Block
Composer Help Web Request Common Block 7/4/2018 Web Request Common Block Contents 1 Web Request Common Block 1.1 Name Property 1.2 Block Notes Property 1.3 Exceptions Property 1.4 Request Method Property
Web Application Security. Philippe Bogaerts
Web Application Security Philippe Bogaerts OWASP TOP 10 3 Aim of the OWASP Top 10 educate developers, designers, architects and organizations about the consequences of the most common web application security
CNIT 129S: Securing Web Applications. Ch 4: Mapping the Application
CNIT 129S: Securing Web Applications Ch 4: Mapping the Application Mapping Enumerate application's content and functionality Some is hidden, requiring guesswork and luck to discover Examine every aspect