How we hacked
and how you can be safe
Ruben van Vreeland
How we hacked
and what happened next
Code Patterns for Security blogpost available at:
https://bitsensor.io/blog/jfall-2016-in-depth-secure-coding-patterns
Fixed
Fixed
WTF? XSS!
Eehm, what's the deal?
Hunting bugs: case study
How not to become the next case study
Security equivalents for
- tests
- code patterns
- clean code
- logging
- self healing
https://www.owasp.org/index.php/Top_10_2013-Top_10
<script>alert(1)</script>
Command & Control
BROWSER
WEBPAGE
XSS Bootstrap
Payload
WEBPAGE
User Data
Firewalled
Network
Change Data
Passwords
<a href="javascript:alert(/Exploit me!/)">
javascript:alert(/Exploit me!/)
</a>
<a href=" javascript:payload "
style=" width:100%; height: 100%;
position: fixed;
left: 0px; top: 0px;
background: rgba(255, 0, 0, 0.5); "
></a>
http://output.jsbin.com/cipozanute/1/
BEEF HOOK
Test mode
Window position
Set position type
Set size
<a style="width: expression(alert(1));" />
<a href=" javascript:payload "
style=" width:100%; height: 100%;
left: 0px; top: 0px;
position: fixed;
background: rgba(255, 0, 0, 0.5); "
></a>
<head>
<!-- Bootstrap core CSS -->
<link
href="http://getbootstrap.com/dist/css/bootstrap.min.css"
rel="stylesheet">
</head>
.dropdown-backdrop {
  position: fixed;
  top: 0;
  right: 0;
  bottom: 0;
  left: 0;
  z-index: 990;
}
bootstrap.css
.navbar-fixed-top,
.navbar-fixed-bottom {
  position: fixed;
  right: 0;
  left: 0;
  z-index: 1030;
}
bootstrap.css
<a href=" javascript:payload "
width="100%"
height="100%"
class="dropdown-backdrop
navbar-fixed-top">
</a>
http://output.jsbin.com/zoqipeloca/1/
BEEF HOOK
Capture window
Set position
Set full window
Set full window
Z-index
iframe
javascript link
whitelisted iframe
100% covering iframe
iframe cross domain
iframe open redirect
100% covering link
100% covering image
covering image & link
image
link
Fixed
Login
http://jsbin.com/dejite/13/edit
you@hackme.bitsensor.io
****************
Fixed
you@hackme.bitsensor.io
****************
Login
http://jsbin.com/dejite/13/edit
attribute:
id
class
style
form
iframe
oembed/embed.ly
remove from whitelist
HTML5 iframe sandbox
harden
allow-forms
allow-modals
allow-popups
allow-popups-to-escape-sandbox
allow-same-origin
allow-scripts
allow-top-navigation
attempts
1: javascript link
5: whitelisted iframe
10: 100% covering iframe
11: iframe cross domain
14: iframe open redirect
20: 100% covering link
23: 100% covering image
25: covering image & link
<img src="/uploads/mycatpicture.png " />
<img src="" "" />
<img src="" /> <a "" />
<img src="" /><script>alert(1)</script><a "" />
<img src="/favicon.png " />
<img src="/favicon.png" "" />
<img src="/favicon.png" onload=" "" />
<img src="/favicon.png" onload="alert(1) "" />
<a href="http://twitter.com/@EnableBitSensor"/>
<a href=" "/>
<a href="javascript: alert(1) "/>
<a href="javascript:// alert(1) "/>
<a href="javascript://%0Aalert(1) "/>
<script> var user = ruben ;</script>
<script> var user = ruben; alert(1) ;</script>
<div style="width: 10px ;"/>
<div style="width: expression(alert(1)) ;"/>
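As an added example (not code from the talk or from BitSensor), a minimal allowlist sanitizer in Python that applies the three fixes the deck lists: drop id, class, style and every on* attribute; reject javascript: URLs even when the scheme is hidden behind percent-encoding or control characters (the javascript://%0Aalert(1) attempt); and keep only iframes from an allowlisted host, forcing a least-privilege sandbox attribute onto them. The embed host allowlist and the sandbox token set are assumed values, not the ones the talk used.

```python
import re
from html import escape
from html.parser import HTMLParser
from urllib.parse import unquote, urlsplit

# Tags and per-tag attributes that survive sanitizing. Deliberately absent,
# following the talk's fix list: id, class and style, every on* handler,
# <script> and <form>. Anything not listed here is dropped, not escaped.
ALLOWED = {
    "a": {"href", "title"},
    "img": {"src", "alt"},
    "iframe": {"src", "width", "height"},
    "p": set(), "div": set(), "b": set(), "i": set(), "br": set(),
}
VOID = {"img", "br"}                       # never get a closing tag
SAFE_SCHEMES = {"http", "https"}
# Assumed embed allowlist; the talk's real oembed/embed.ly hosts are not given.
IFRAME_HOSTS = {"www.youtube.com", "player.vimeo.com"}
# Least-privilege sandbox (assumed token set): no allow-scripts,
# no allow-same-origin, no allow-top-navigation.
IFRAME_SANDBOX = "allow-forms allow-popups"


def safe_url(value, allowed_hosts=None):
    """Return a cleaned URL, or None if it must be dropped. Percent-decoding
    and stripping ASCII control characters happen before the scheme check, so
    "javascript://%0Aalert(1)" is classified as a javascript: URL."""
    if value is None:
        return None
    cleaned = re.sub(r"[\x00-\x20\x7f]", "", unquote(value))
    try:
        parts = urlsplit(cleaned)
    except ValueError:                     # e.g. malformed IPv6 literal: fail closed
        return None
    if parts.scheme and parts.scheme.lower() not in SAFE_SCHEMES:
        return None                        # javascript:, data:, vbscript:, ...
    if allowed_hosts is not None and parts.netloc.lower() not in allowed_hosts:
        return None                        # iframes must be absolute and allowlisted
    return cleaned


class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self._drop_depth = 0               # >0 while inside a refused element

    def handle_starttag(self, tag, attrs):
        if self._drop_depth or tag not in ALLOWED:
            if tag not in VOID:
                self._drop_depth += 1      # swallow the element and its text
            return
        kept = []
        for name, value in attrs:
            if name not in ALLOWED[tag]:   # onload, style, class, '""' junk
                continue
            if name in ("href", "src"):
                value = safe_url(value, IFRAME_HOSTS if tag == "iframe" else None)
                if value is None:
                    continue
            kept.append((name, value))
        if tag == "iframe":
            if not any(name == "src" for name, _ in kept):
                self._drop_depth += 1      # no acceptable src: drop the whole iframe
                return
            kept.append(("sandbox", IFRAME_SANDBOX))
        attr_text = "".join(f' {n}="{escape(v or "", quote=True)}"' for n, v in kept)
        self.out.append(f"<{tag}{attr_text}>")

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)   # <a "" /> style self-closing tags
        if tag not in VOID:
            self.handle_endtag(tag)

    def handle_endtag(self, tag):
        if self._drop_depth:
            if tag not in VOID:
                self._drop_depth -= 1
            return
        if tag not in VOID:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self._drop_depth:           # <script> bodies never reach the output
            self.out.append(escape(data, quote=False))


def sanitize(fragment):
    parser = AllowlistSanitizer()
    parser.feed(fragment)
    parser.close()
    return "".join(parser.out)
```

Run the deck's attempt strings through sanitize() to see which part of each one is removed; an unclosed refused element swallows everything after it, which is the fail-closed choice here.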
ELK / Elastic stack
exceptions
ids/ips (modsecurity)
Logging
+31 (0)6 122 10 587
ruben@bitsensor.io
0x4D4ED75AD9BB92F8
"Please rate my talk in the unhacked J-Fall app"
How We Hacked LinkedIn and What Happened Next | JFall 2016

Editor's Notes

  1. Indiegogo is a very open company and allows me to teach about security vulnerabilities. Here we see the Indiegogo password form on a secure connection, which sends credentials to my webserver. What happened??? How did this work???
  2. What type of attack is this?
  3. Basic XSS examples. Demo with Alert. Demo with BEEF (Browser Exploitation Framework). Quick: how does it work from a high level? We're developers, right ;) Now we have seen the dangers of XSS and know why and how it works. First step in the foundation.
  4. How do we trigger it in practice?
  5. Improve previous demo! Now we have a button that spawns the whole page 
  6. Improve previous demo! Now we have a button that spawns the whole page 
  7. Easy to understand with the foundation of previous knowledge. More interesting: what did I try that did not succeed?