Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
attacker.com/
main.html
window1
time
window1
time
window2
attacker.com/
main.html
attacker.com/
step1.html
window.open
attacker.com/
main.html
window1
time
attacker.com/
step1.html
window2
victim.com/
photos
redirect
attacker.com/
main.html
window1
time
attacker.com/
step1.html
window2
victim.com/
photos
victim.com/
callback?
window.open...
attacker.com/
main.html
window1
time
attacker.com/
step1.html
window2
victim.com/
photos
victim.com/
callback?
window.open...
Upcoming SlideShare
Loading in …5
×

0

Share

Download to read offline

Same Origin Method Execution Diagram

Download to read offline

A PowerPoint displaying a workflow of exploitation for a Same Origin Method Execution vulnerability.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

Same Origin Method Execution Diagram

  1. 1. attacker.com/ main.html window1 time
  2. 2. window1 time window2 attacker.com/ main.html attacker.com/ step1.html window.open
  3. 3. attacker.com/ main.html window1 time attacker.com/ step1.html window2 victim.com/ photos redirect
  4. 4. attacker.com/ main.html window1 time attacker.com/ step1.html window2 victim.com/ photos victim.com/ callback? window.opener.share AllPhotosredirect window.opener refers to victim origin now
  5. 5. attacker.com/ main.html window1 time attacker.com/ step1.html window2 victim.com/ photos victim.com/ callback? window.opener.share AllPhotosredirect window.opener refers to victim origin now JavaScript executed on victim.com/ photos

A PowerPoint displaying a workflow of exploitation for a Same Origin Method Execution vulnerability.

Views

Total views

9,182

On Slideshare

0

From embeds

0

Number of embeds

8,115

Actions

Downloads

8

Shares

0

Comments

0

Likes

0

×