Developing Secure Web Application - Cross-Site Scripting (XSS)
•Télécharger en tant que PPTX, PDF•
4 j'aime•996 vues
Recommandé
Contenu connexe
Tendances
Tendances (20)
Similaire à Developing Secure Web Application - Cross-Site Scripting (XSS)
Similaire à Developing Secure Web Application - Cross-Site Scripting (XSS) (20)
Plus de Codecamp Romania
Plus de Codecamp Romania (20)
Developing Secure Web Application - Cross-Site Scripting (XSS)
- 1. Developing Secure Web Application Cross-Site Scripting (XSS) Cezar Coca Endava 10th of November 2012
- 2. Agenda • Why? • Formal description • Same Origin Policy • How to perform an XSS attack • Demo • Prevention of XSS attacks
- 3. OWASP Top Ten (2010 Edition) http://www.owasp.org/index.php/Top_10
- 4. At first sight =
- 5. Second sight
- 6. XSS formal description Types – at least two primary flavors • Non-persistent (or reflected) • Persistent (or stored) Typical impact • Steal user’s session (hijack session) • Rewrite web page • Redirect user to phishing or malware site • Most Severe: Install XSS proxy
- 7. Same Origin Policy – Security Domain
- 8. Same Origin Policy - DOM
- 9. Same Origin Policy - DOM
- 10. Same Origin Policy - DOM
- 11. Reflected XSS Illustrated Attacker send the victim a misleading email with a link 1 containing malicious JavaScript
- 12. Reflected XSS Illustrated When the victim clicks on the link, the HTTP request is initiated from the victim's browser and sent to the vulnerable Web application. 2 Attacker send the victim a misleading email with a link 1 containing malicious JavaScript
- 13. Reflected XSS Illustrated The malicious JavaScript is then reflected back to the victim's browser, where it is executed in the context of When the victim clicks on the the victim user's session link, the HTTP request is initiated from the victim's browser and 3 sent to the vulnerable Web application. 2 Attacker send the victim a misleading email with a link 1 containing malicious JavaScript
- 14. DEMO – deployment diagram
- 15. LET’S HACK
- 16. Second sight
- 17. Prevention of XSS Attack – part 1 • Input Validation • Canonicalize data first • Prevent encoded attacks • Black list testing is no solution • Black lists are never complete! • White list testing is better • Only what you expect will pass • Regular expressions • HTML Encoding • HTML encoding of all input when put into output pages
- 18. Prevention of XSS Attack – Multiple contexts Browser have multiple contexts that must be considered! HTML HTML <STYLE> <SCRIPT> URL Body Attributes Context Context Context
- 19. Prevention of XSS Attack – Session Hijacking • Session hijacking • “HttpOnly" Cookies • "secure" Cookies. Cookies are only sent over SSL • Disable TRACE • References: • http://www.owasp.org/index.php/XSS_(Cross Site Scripting) Prevention Cheat Sheet • http://ha.ckers.org/xss.html • http://www.owasp.org/index.php/ESAPI
- 22. Diamond Sponsors Platinum Sponsors Gold Sponsors Training Partners Media Partners Other Partners