Your SlideShare is downloading. ×
Presentation on "XSS Defeating Concept in (secure)SiteHoster" : 'nullcon-2011'
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Presentation on "XSS Defeating Concept in (secure)SiteHoster" : 'nullcon-2011'

1,004
views

Published on


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,004
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
23
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. http://nullcon.net NEW CONCEPTS DEFEATING WEB ATTACKS(secure) SiteHoster
  • 2.  Family Named: AbhishekKr Friends Call: ABK g33k Handle: aBionic IndependentSecurity Enthusiast/Researcher Also a Member of „EvilFingers‟ (other than ‘NULL’) Application-Developer in ThoughtWorks Inc. OpenSource Lover http://null.co.in http://nullcon.net aBionic@twitter,linkedin,FB
  • 3.  Other than expanding to (secure)SiteHoster A Fresh A Lab (s)SH Approach RAT http://sourceforge.net/projects/sitehoster http://null.co.in http://nullcon.net aBionic@twitter,linkedin,FB
  • 4. http://null.co.inhttp://nullcon.net It‟s The Same Old ProblemaBionic@twitter,linkedin,FB
  • 5. http://null.co.inhttp://nullcon.net Same Old Problem With A New Perspective To Solve ItaBionic@twitter,linkedin,FB
  • 6. http://null.co.inhttp://nullcon.net offensive security to secureaBionic@ ATTACK THE ATTACKERtwitter,linkedin,FB
  • 7. http://null.co.inhttp://nullcon.net Major Threats for Web Applications Stats are not same (of 2009) …aBionic@twitter,linkedin,FB But t h r e a t s are
  • 8. XSS Defeating Concept always aim the strongest opponent first, makes you win battle easilyhttp://null.co.in http://nullcon.net aBionic@twitter,linkedin,FB
  • 9. IT IS JUST A PIECE OF CODE aBionic@twitter,linkedin,FB
  • 10. <TAGS/> R GooD aBionic@twitter,linkedin,FB
  • 11. And if it’s Code… aBionic@twitter,linkedin,FB
  • 12. http://null.co.inhttp://nullcon.net !dea is toaBionic@ BUGtwitter,linkedin,FB
  • 13. http://null.co.inhttp://nullcon.net 3 Major XSS Attack Patterns All Effect From Options of User Input, a Web2.0 GiftaBionic@twitter,linkedin,FB
  • 14. + Karthik calling Karthik…http://null.co.in + User (tricked) Input…http://nullcon.net Included or injected <script/> What You See Is (*NOT*) What You GetaBionic@twitter,linkedin,FB
  • 15. http://null.co.inhttp://nullcon.net Who calls, or who injects What finally happens is unwanted <script/>aBionic@twitter,linkedin,FB
  • 16. http://null.co.inhttp://nullcon.net Disarm <script/> Take away all its POWER!!!!!aBionic@twitter,linkedin,FB
  • 17. http://null.co.inhttp://nullcon.net Dis-Infect Entire Body To kill all unwanted „Creepy-Living‟ BeingsaBionic@twitter,linkedin,FB
  • 18. Generated HyperText <html> <head><script>function h(){alert(“some dev-script in HEAD Tag”);}</script></head> <body> <script DEFER>heavy_stuff=true;</script> name: <div id=”fromDB” onMouseOver=”h();”><script>alert(„attacker injected it, could do anything‟);</script> </div> </body> </html> aBionic@twitter,linkedin,FB
  • 19. Server Patched View<html><head><script> function h(){alert(“this is dev-scripts in HEAD Tag”);}</script></head><BD><BODY ><script DEFER>heavy_stuff=true;</script><script type=text/javascript>x=document.getElementsByTagName("BODY");x[0].innerHTML = "name:<div id="fromDB" onclick="h();"><script>alert(attacker injected it, could do anything);</script></div>“;</script></BODY></BD></html> aBionic@twitter,linkedin,FB
  • 20. http://null.co.inhttp://nullcon.net But… still  …other two monkeys got a chanceaBionic@twitter,linkedin,FB
  • 21. http://null.co.inhttp://nullcon.net „javascript:‟ may effect asaBionic@twitter,linkedin,FB
  • 22. http://null.co.inhttp://nullcon.net So „javascript:<bugMe/>‟aBionic@twitter,linkedin,FB
  • 23. http://null.co.inhttp://nullcon.net 1 Monkey can wreck havoc 2 are pwn3d… but 3rd is powerful enoughaBionic@twitter,linkedin,FB
  • 24. http://null.co.inhttp://nullcon.net „Be Kind‟ on Entropy -says „JS-Events‟aBionic@twitter,linkedin,FB
  • 25. http://null.co.in http://nullcon.net aBionic@twitter,linkedin,FB
  • 26. Ninja Parse User Input aBionic@twitter,linkedin,FB
  • 27. Bug-it-su pwn JS-Events aBionic@twitter,linkedin,FB
  • 28. hardcore ‘js-events’ pwnage aBionic@twitter,linkedin,FB
  • 29. http://null.co.inhttp://nullcon.net XSS Attack gets bugged <TAGS/> go GreenaBionic@twitter,linkedin,FB
  • 30. http://null.co.inhttp://nullcon.net Innocence Is Saved Normal User Input Matching Attack aint FilteredaBionic@twitter,linkedin,FB
  • 31. http://null.co.inhttp://nullcon.net All Monkeys Defeated And so are Script-JunkiesaBionic@twitter,linkedin,FB
  • 32. CURRENTLY JUST DEV PERSPECTIVE aBionic@twitter,linkedin,FB
  • 33. For Un-Privileged AXNs aBionic@twitter,linkedin,FB
  • 34. Old Wine, Why Not Always Used DB all boss Read on Read,write.* Table T1 Read,Write on Table t2 User- Web-App Mapper aBionic@twitter,linkedin,FB
  • 35. http://null.co.inhttp://nullcon.net & For Condition Match An A Apple Hash A An Day Input Keeps The Doctor Attacker AwayaBionic@twitter,linkedin,FB
  • 36.  I Tweet Tech: http://www.twitter.com/aBionic I Blog Tech: http://abhishekkr.wordpress.com/ I OpenSource  GitHub: https://github.com/abhishekkr  SourceForge: http://sourceforge.net/users/abhishekkr I Socialize: http://www.facebook.com/aBionic I Techalize: http://in.linkedin.com/in/abionic I Deviantize: http://abhishekkr.deviantart.com/ http://null.co.in http://nullcon.net aBionic@twitter,linkedin,FB

×