
Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007



  1. JavaScript Injection and Web Hacking Techniques
     Juan O’Connell, Justin Rand
     ECE 4112 Group 19
     May 1, 2007
     Georgia Institute of Technology, College of Engineering, School of Electrical and Computer Engineering

  2. Motivation
     • To learn more about web security
     • Analyze rather than double click
     • There is no set path to assess vulnerabilities
     • JavaScript is used in millions of web pages
     • Supplement from Lab 9
     • It is easy to learn!

  3. What is JavaScript?
     • JavaScript is a dynamic scripting language that supports prototype-based object construction
     • Developed by Netscape
     • Adds additional interaction between the web site and its visitors
     • JavaScript is the most popular scripting language on the internet.

  4. PkCrack – Cracking PkZip Encryption
     • Known plaintext attack
     • Need unencrypted file
     • Command line program

       \PkCrack> pkcrack -C -c -P -p -d

       -C <encrypted .ZIP>
       -c <encrypted file>
       -P <plaintext .ZIP>
       -p <plaintext file>
       -d <cracked .ZIP>

  5. Lab Layout
     • Section 0: Setup
     • Section 1: JavaScript
       • Section 1.1 – The Basics: JavaScript Tutorial
       • Section 1.2 – JavaScript Injection
       • Section 1.3 – Vulnerability Assessment of Guest Books
     • Section 2 – “Realistic” Web Hack

  6. Section 1.2 Demo
     • Variable change
       • http://www.prism.gatech.edu/~gtg131v/4112/
       • The code: <javascript:c=5;>
     • Grandma’s Cookie
       • http://www.prism.gatech.edu/~gtg131v/4112/
       • The code: <javascript:void(document.cookie="Authorized=true"); javascript:alert(document.cookie);>

  7. Section 1.3 Real Demo
     • Guest Book
       • http://www.legacy.com/Atlanta/Obituaries.asp
     • Assessment code
       <u> some text </u> <plaintext>
     • Injection
       <img src="asdf" onerror="alert('Welcome!')"/>
     • Get Creative!
       <img src="asdf" onerror=" void(window.location=('http://www.ece.gatech.edu'))"/>

  8. Solutions
     • JavaScript Injection
       • Always validate the input received against a white list
       • Do not rely on client side validation to validate the user input
       • Validate the input every time
     • Guest Books
       • Use a code filter!

  9. Section 2 – “Realistic” Web Hack
     • Search page source for hidden directory
     • Download critical file
     • Exploit using PkCrack
     • From here?

  10. Solution
     • Limit directory access
     • Apache can use .htaccess and .htpasswd
     • Must change httpd.conf: AllowOverride AuthConfig
     • Create .htaccess in the directory you want to protect
     • It will reference .htpasswd and ask for authorization

  11. References [1] http://www.hackthissite.org

  12. Questions ?
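
The checks listed on slide 8 (allowlist validation on the server for every submission, plus an output filter for guest books), as an added example that is not part of the original presentation. It runs the slide 7 assessment strings through a Node.js handler; the field names, length limit and name pattern are assumptions made for illustration.

```javascript
// Added example: server-side handling of a guest book entry (Node.js, no dependencies).
// Field names, the name pattern and the length limit are assumptions for this sketch.

// Allowlist for the name field: starts with a letter, then letters, spaces,
// periods, apostrophes or hyphens; 1 to 40 characters in total.
const NAME_ALLOWLIST = /^[\p{L}][\p{L} .'\u2019-]{0,39}$/u;
const MAX_MESSAGE_LENGTH = 500;
const CONTROL_CHARS = /[\u0000-\u0008\u000b\u000c\u000e-\u001f]/;

const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// The "code filter": encode every character that can open a tag, attribute or entity.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Runs on the server for every submission, whatever the browser already checked.
function validateEntry(entry) {
  const errors = [];
  const name = typeof entry.name === 'string' ? entry.name.trim() : '';
  const message = typeof entry.message === 'string' ? entry.message.trim() : '';
  if (!NAME_ALLOWLIST.test(name)) errors.push('name');
  if (message.length === 0 || message.length > MAX_MESSAGE_LENGTH || CONTROL_CHARS.test(message)) {
    errors.push('message');
  }
  return { ok: errors.length === 0, errors, name, message };
}

// Returns the HTML fragment to display, or null when the entry is rejected.
function renderEntry(entry) {
  const checked = validateEntry(entry);
  if (!checked.ok) return null;
  return '<li><b>' + escapeHtml(checked.name) + '</b>: ' + escapeHtml(checked.message) + '</li>';
}

// Constructed sample submissions; the messages are the test strings from slide 7.
const samples = [
  { name: "Mary O'Brien", message: '<u> some text </u> <plaintext>' },
  { name: 'Sam Lee', message: '<img src="asdf" onerror="alert(\'Welcome!\')"/>' },
  { name: '<script>x</script>', message: 'hello' }, // fails the name allowlist
];
for (const s of samples) console.log(renderEntry(s));
```

The first two entries are displayed as literal text because the markup is encoded on output; the third is rejected outright because the name fails the allowlist.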
