DNS Pinning and Web Proxies - A white paper that describes DNS based attacks against web proxies.
e091af8bf559a04f3c1150ba90ac58ae3ddd17fb123c3630be4e8ae38dcdaf3cWhitepaper titled Cross Site Request Forgery: The Sea Surf.
5f2993a62fbb64d5422e96ba9b08bcc4be5bff77401acc7bef23bc85e71da389Whitepaper entitled Ambiguity In Ajax Lockdown Framework - Unveiling Some Contradictory Facts.
c72d1fdf0586fb064c35e73407382130Small paper entitled EBay Online Attack Jargon.
04ad495da411ca6f23da1f5c458c29f200473ff4506ec284d569b31a2c29fbbfPaper describing the various methods and techniques of cross site reference forgery.
0d74b20fe311533c844750df4a40b17be780bbfc0f1cf786aac71f4e1b316276SPI Labs has discovered a practical method of using JavaScript to detect the search queries a user has entered into arbitrary search engines. All the code needed to steal a user's search queries is written in JavaScript and uses Cascading Style Sheets (CSS). This code could be embedded into any website either by the website owner or by a malicious third party through a Cross-site Scripting (XSS) attack. There it would harvest information about every visitor to that site.
ab08229f9a6ea3fe80e91cf97309e02f0a0606aa8ea3b1985c6e81d4195f426ePresentation entitled "Case Studies in Finding Previously Unknown Vulnerabilities in Web Applications" from the AT&T ISNN Lecture Series. The aim of the presentation is to cover a limited set of web application vulnerability types and show the impact of these vulnerabilities via real world cases.
864d22be9ea2fbe90fc389e48dd1b7e860db2d314108cd24933a16b4659c7ec8XST Strikes Back - A technical paper discussing Cross Site Tracing vulnerabilities in proxy servers.
c934a83e625611f6470be7257fa46f16e64a415f899bccbeb6d42966dd6a3e9aSmall write up discussing reverse proxy cross site scripting.
eae37617973a2892bf4ac789d799e0b8a3209e0ea2ccda63640fab3a48f15ca5Whitepaper entitled 'Web Application Footprinting and Assessment with MSN Search Tricks'.
21fa9f7a4c5cc5110927a0d58b634ca2cc3a52a3998262dfccb65e1141516e43White paper discussing web browser identification and how proper identification can enable a remote site to know what attacks to use against a visitor.
af292d7644b45c3e998a980f23ff821b434d866040446022bb3ee6a5b46b07a2White paper called Domain Footprint for Web Applications and Web Services.
334c5dacdca8cb229f4e6fcd4408159edff35ea5eb82f949449c0fe623215485Interesting write up regarding possible code execution vulnerabilities in Microsoft Internet Explorer due to problems with image decompression and parsing.
8aa59c5262d0659c3680241d1e53f860d9626568c3b86d989d08cba6b374e641Yet Another "Why CSS Is Bad" Paper.
0c887d986ae284f7c70a519bdfe8487982c28a01419f992b0641e7cd3f0249f4Whitepaper discussing the scope of information gathering used against web services. Second in a series of papers defining attack and defense methodologies with web services.
d845104342be64b7e0981391fa4587731812589b1eaa8df8bb900cb3c06d39ebAdvanced Cross-Site-Scripting with Real-time Remote Attacker Control - Some people think XSS attacks are no big deal, but I plan to change that perception with the release of this paper and an accompanying tool called XSS-Proxy which allows XSS attacks to be fully controlled by a remote attacker. This paper describes current XSS attacks and introduces new methods/tool for making XSS attacks interactive, bi-directional, persistent and much more evil. This is not a detailed XSS HowTo, but an explanation of methods for taking XSS attacks much further. Attackers can access sites as the victim or forward specific blind requests to other servers.
8f3f833faade0f8c6add6576e39ff2be36df99d31657b8eb6613799fa7945aa6The 80/20 Rule for Web Application Security: Increase your security without touching the source code . This article discusses ways to make your website more difficult to exploit with little effort.
bba7f7e823c6583f2e30e376b8c5ab99b4d303a27d637867f9f30645116bb148Whitepaper discussing the scope of information gathering used against web services. First in a series of papers defining attack and defense methodologies with web services.
41051ad1f79babf058f6e50a6da49759baee349f285fbc702e91c39d819f38f8A thoroughly written white paper discussing how to defend web services using mod_security.
bff27e41da0ed96737c94d7f79f29f3432e83dda6ab0b1eed20e27122f946d50This is a small text document that describes how MS SQL can be "tricked" into creating a command.asp script under the webroot, even when you do not have access to 'sa' privs (dbo privs are probably still a must, though). The technique described uses the SQL server 'backup' command.
00f4e7c9f7cd17235e6b6b60f335065c99183f5e4af191f5b7d9dfcb8975e8a2Corsaire White Paper: Cookie Path Best Practice. A brief document discussing how and why a cookie path should be strictly defined.
c30fa2410156b0fdf005bdaacdb6fc9efd561e2ce36194f3f8f20250a403b84aComprehensive paper explaining various ways to get around restrictive web proxies which are used by some restrictive countries and corporations.
8d9d766cd21a65b57e4c66bdeab1db1cf15172a76f5abf3a8ffb6b63490001abSession Fixation Vulnerability in Web-based Applications - Many web-based applications employ some kind of session management to create a user friendly environment. Sessions are stored on a server and associated with respective users by sessions identifiers (IDs). Naturally session IDs present an attractive target for attackers, who, by obtaining them, effectively hijack users' identities. Knowing that, web servers are employing techniques for protecting session IDs from three classes of attacks: interception, prediction, and brute force attacks. This paper reveals a fourth class of session attacks against session IDs: session fixation attacks.
e8a24bd745c20648c072b561ba4717627c93a9e649320428356139d804231bd5Some information on the Common Gateway Interface (CGI).
8b26cd32cbd0a8326977f61fce8ef55d9a9016bc2750bd213be84e63a401d2b0The Cross Site Scripting FAQ - Includes threat analysis, examples of cross site scripting attacks, cookie theft, how to protect yourself, and how to fix the holes.
661e74609dc323f6e78804ba0e5ebb3534a09bcb6cea0f0f0bbc0773b2ba234a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed