The attacks
• XSS
  • type 1: non-persistent
  • type 2: persistent
  • Advanced: other keywords (<style>, prompt()) or other technologies such as Flash
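The two XSS types on this slide differ only in where the untrusted text comes from (a request parameter that is echoed back, or a stored record replayed to later visitors); the defence is the same output encoding. The following is an added example, not code from the slides: a constructed in-memory guestbook with a vulnerable and a hardened renderer, plus a crude detector used only to make the difference visible.

```python
import html
import re

# Constructed in-memory comment store. In the persistent (type 2) case the
# attacker's text is saved once and replayed to every later visitor.
GUESTBOOK = []


def render_unsafe(text):
    # Vulnerable rendering: untrusted text is concatenated straight into the
    # markup, so any tag (<style>, <img onerror=prompt()>, ...) is interpreted.
    return "<p>" + text + "</p>"


def render_safe(text):
    # Hardened rendering: escape for an HTML text-node context before
    # interpolating. Attribute, URL and script contexts need their own encoders.
    return "<p>" + html.escape(text, quote=True) + "</p>"


def reflected_unsafe(search_query):
    # Type 1 (non-persistent): the request parameter is echoed in the response.
    return "<h1>Results for " + search_query + "</h1>"


def reflected_safe(search_query):
    return "<h1>Results for " + html.escape(search_query, quote=True) + "</h1>"


def post_comment(text):
    # Storage itself is not the bug; rendering without encoding is.
    GUESTBOOK.append(text)


def guestbook_page(safe=True):
    renderer = render_safe if safe else render_unsafe
    return "".join(renderer(c) for c in GUESTBOOK)


ACTIVE_TAG = re.compile(r"<\s*(script|style|img|svg|iframe)\b", re.IGNORECASE)


def has_active_markup(page):
    # Rough detector used only to illustrate the two renderers; escaped
    # output contains no raw "<", so nothing here matches after html.escape.
    return ACTIVE_TAG.search(page) is not None


if __name__ == "__main__":
    post_comment("<style>body{display:none}</style>")  # constructed sample
    print(guestbook_page(safe=False))
    print(guestbook_page(safe=True))
```

`html.escape` is the right encoder only for HTML text nodes; the same comment placed inside an attribute value, a URL or inline script needs the encoder for that context, which is why template engines with context-aware auto-escaping are preferable to hand-built concatenation.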
The attacks
• SQL Injection
  • first order: non-persistent
  • second order: persistent
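Second-order (persistent) SQL injection is the case practitioners most often miss: the value is stored safely with a parameterised query, then trusted when it is read back and used in a later statement. The following is an added example, not code from the slides, using an in-memory SQLite database with constructed rows; the table and the password-reset lookup are assumptions made for the illustration.

```python
import sqlite3


def setup_db():
    # Constructed schema and seed rows for the demonstration.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (name, email) VALUES (?, ?)",
        [("alice", "alice@example.test"), ("bob", "bob@example.test")],
    )
    conn.commit()
    return conn


def register(conn, name, email):
    # Registration is parameterised, so the name is stored verbatim, quotes
    # included. Nothing goes wrong yet: this is the "persistent" half.
    cur = conn.execute("INSERT INTO users (name, email) VALUES (?, ?)", (name, email))
    conn.commit()
    return cur.lastrowid


def lookup_email_first_order_vulnerable(conn, name):
    # First order (non-persistent): a request parameter concatenated directly.
    sql = "SELECT email FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def reset_email_second_order_vulnerable(conn, user_id):
    # Second order: the stored name is read back with a safe query, then
    # treated as trusted and concatenated into the next statement.
    name = conn.execute("SELECT name FROM users WHERE id = ?", (user_id,)).fetchone()[0]
    sql = "SELECT email FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def reset_email_fixed(conn, user_id):
    # Fix: every statement is parameterised, regardless of where the value
    # came from; data that was once user input stays data.
    name = conn.execute("SELECT name FROM users WHERE id = ?", (user_id,)).fetchone()[0]
    rows = conn.execute("SELECT email FROM users WHERE name = ?", (name,))
    return [row[0] for row in rows]


if __name__ == "__main__":
    db = setup_db()
    uid = register(db, "x' OR '1'='1", "trudy@example.test")  # constructed input
    print(reset_email_second_order_vulnerable(db, uid))  # leaks every email
    print(reset_email_fixed(db, uid))                     # only trudy's
```

The defensive rule that follows is that "already in the database" is not a trust boundary: reviewers should look for string-built SQL anywhere, not only on the request-handling path.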
The attacks
• Cross Channel Scripting
  • Similar to XSS and SQLI (contains all non-XSS, non-SQLI code injection vulnerabilities)
  • examples:
    • XPath Injection: unsanitized data used in XML
    • Malicious File Upload
    • Open Redirects: (http://www.vulnerable.com?redirect=http://www.attacker.com)
    • Path Traversal (http://foo.com/../../barfile)
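Three of the examples on this slide (open redirects, path traversal, malicious file upload) share one defence: canonicalise the untrusted value, then compare it against an allow-list rather than searching it for bad substrings. The following is an added example, not code from the slides; the host name reuses the slide's www.vulnerable.com, and the base directory and extension list are assumptions.

```python
from pathlib import Path
from urllib.parse import urlparse

OWN_HOST = "www.vulnerable.com"          # the site's own host, taken from the slide
ALLOWED_UPLOAD_EXT = {".png", ".jpg", ".pdf"}  # assumed allow-list


def is_safe_redirect(target, own_host=OWN_HOST):
    # Accept only a site-relative path or an absolute http(s) URL on our own
    # host. Everything else (other hosts, javascript:, protocol-relative
    # "//attacker.com", backslash tricks) is refused.
    if not target or any(c in target for c in "\\\r\n\t"):
        return False
    parsed = urlparse(target)
    if parsed.scheme:
        return parsed.scheme in ("http", "https") and parsed.netloc.lower() == own_host
    if parsed.netloc:          # "//attacker.com/..." parses with an empty scheme
        return False
    return target.startswith("/")


def resolve_under(base_dir, user_path):
    # Path traversal check: resolve both paths (symlinks and ".." included),
    # then require the candidate to be inside the base. Returns None if not.
    base = Path(base_dir).resolve()
    candidate = (base / user_path).resolve()
    try:
        candidate.relative_to(base)
    except ValueError:
        return None
    return candidate


def is_acceptable_upload_name(filename):
    # Malicious file upload: refuse directory components and anything outside
    # the extension allow-list; the server should choose the stored name itself.
    if not filename or "/" in filename or "\\" in filename or filename.startswith("."):
        return False
    return Path(filename).suffix.lower() in ALLOWED_UPLOAD_EXT


if __name__ == "__main__":
    print(is_safe_redirect("http://www.attacker.com"))        # False
    print(resolve_under("/srv/www/files", "../../barfile"))   # None
    print(is_acceptable_upload_name("shell.php"))             # False
```

For redirects, an exact host comparison is deliberately stricter than `parsed.hostname`: it also rejects userinfo forms such as `http://www.vulnerable.com@other.example`, which would otherwise pass a naive prefix check.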
The attacks
• Session Management
  • credentials sent over unencrypted HTTP
  • weak password recovery questions
  • weak CAPTCHAs
  • predictable authentication id values
  • insecure session cookies
The attacks
• Cross-Site Request Forgery
  • Alice is logged into her bank account
  • Trudy sends Alice an e-mail containing a link with a request to transfer money to Trudy's account
    • could require a click (<a href="malicious_link">)
    • or not (<img src="malicious link">)
  • When the request is sent by Alice (e.g. by attempting to view the image), her authentication cookie is sent with it
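The CSRF slide and the session-management slide before it describe two halves of the same problem: the browser attaches Alice's cookie automatically, so the server must require something the cross-site request cannot carry. The following is an added example, not code from the slides, covering both: an unpredictable session id, cookie attributes that address the "insecure session cookies" bullet, and a per-session synchronizer token checked on the transfer request. The session store, the form fields and the handler names are assumptions.

```python
import hmac
import secrets

# Constructed server-side session store: session id -> session data.
SESSIONS = {}


def new_session(user):
    # Unpredictable session id and CSRF token (cf. "predictable authentication
    # id values"): 32 random bytes each from the OS CSPRNG.
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
    return sid


def session_cookie_header(sid):
    # Secure: never sent over plain HTTP. HttpOnly: not readable by script.
    # SameSite=Lax: not attached to cross-site POSTs or subresource loads
    # such as the <img src=...> on the slide.
    return f"Set-Cookie: session={sid}; Secure; HttpOnly; SameSite=Lax; Path=/"


def csrf_token_for(sid):
    # The legitimate page embeds this token in its transfer form.
    return SESSIONS[sid]["csrf"]


def handle_transfer_vulnerable(sid, form):
    # Vulnerable handler: the cookie alone authorises the action, so Trudy's
    # forged request succeeds because Alice's browser attaches her cookie.
    sess = SESSIONS.get(sid)
    if sess is None:
        return (401, "not logged in")
    return (200, f"{sess['user']} transferred {form['amount']} to {form['to']}")


def handle_transfer(sid, form):
    # Hardened handler: the request must also carry the session's CSRF token,
    # which a cross-site page cannot read. Compared in constant time.
    sess = SESSIONS.get(sid)
    if sess is None:
        return (401, "not logged in")
    token = form.get("csrf_token", "")
    if not hmac.compare_digest(token, sess["csrf"]):
        return (403, "csrf check failed")
    return (200, f"{sess['user']} transferred {form['amount']} to {form['to']}")


if __name__ == "__main__":
    alice = new_session("alice")
    print(session_cookie_header(alice))
    forged = {"to": "trudy", "amount": "1000"}   # constructed: what Trudy's link submits
    print(handle_transfer_vulnerable(alice, forged))  # (200, ...) the attack works
    print(handle_transfer(alice, forged))             # (403, ...) rejected
    print(handle_transfer(alice, dict(forged, csrf_token=csrf_token_for(alice))))
```

The token is per session rather than per request here, which is enough for the slide's scenario; state-changing actions should additionally be restricted to POST, since a GET triggered by an image load cannot carry a form token at all.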
The attacks
• SSL/Server Config
  • misconfigurations in the web server or SSL
Information Leakage
• Various methods of gaining sensitive information such as database names, source code or user names
  • die() function
  • path vulnerabilities