Your SlideShare is downloading. ×
Extreme Web Hacking - h2hc 2008
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Extreme Web Hacking - h2hc 2008

989
views

Published on

Published in: Technology, News & Politics

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
989
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Wagner Elias > Extreme Web Hacking http://wagnerelias.com São Paulo, 09/11/2008
  • 2. GET Info
  • 3. Web Security é Simples
  • 4. Não Estúpido
  • 5. Extreme Web Resources
  • 6. AJAX INSECURITY - 1
  • 7. AJAX INSECURITY - 2
  • 8. JSON INSECURITY var json = "['Wagner', 2008, ''];alert('XSS');//']" var myArray = eval(json);
  • 9. XML INSECURITY - 1 <?xml version=&quot;1.0&quot; encoding=&quot;ISO-8859-1&quot;?> <!DOCTYPE foo [ <!ELEMENT foo ANY> <!ENTITY xxe SYSTEM &quot;file://c:/boot.ini&quot;> ]> <foo>&xxe;</foo>
  • 10. XML INSECURITY - 2
  • 11. XML-RPC INSECURITY
  • 12. Extreme Web Hacking
  • 13. Análise passiva com Ratproxy
  • 14. Explorando Web Resouces com w3af
  • 15. Perguntas?
  • 16. Referências

×