Archives for the ‘csrf’ Category

Location based XSS attacks

The basic attack Using the hash portion of the location is a good way to beat filters, anything sent via the hash is not sent to the server in question. We can use a large amount of data which is hidden from the server side filters and combine it with data sent on the server. […]

CSS overlays and frame breakers

I (wrongly) assumed that Javascript frame breakers were ineffective when using iframes on IE when using the security=restricted attribute. As it turns out cookies are not allowed by default when using the attribute because the security settings are applied from IE restricted zone. My recommendation is to use frame breakers on administration pages and other […]

CSRF chat

You may think adding tokens to your forms will completely protect you from CSRF, you’d be wrong. I’ve shown in previous blog entries how you can use CSS overlays to bypass tokens. I decided to create a real world example which uses these techniques to create something cool. The world’s first CSRF chat! I got […]

CSRF browser protection

I like the topic of CSRF because it’s such a difficult problem to solve, I was thinking about ways a browser can prevent CSRF and I’ve come up with the following solutions:- 1. After a domain name any image/object/frame etc request is truncated by a user definable setting. Limiting the amount of data an attacker […]

JSCK demo update

I believe in releasing code as early as possible and often. So I’ve released another version of JSCK, the code isn’t a complete solution at the moment and is more of a proof of concept rather than a final version you can use on live sites but it highlights the method well and should provide […]

JSCK

I had a great idea to protect against CSRF, use my random Javascript creation technique! I already knew it was possible to use it in this way but I wanted a nice solution that anyone could incorporate into their site. PHP first creates a random session key using random code blocks, then Javascript does the […]

Google Adsense flaw revealed

Google fix vulnerability Well I have some good news to report about a vendor for a change, Google have been fantastic when I disclosed a vulnerability in Adsense to them. They were always in communication with me and keeping me informed of the status. They have also released a fix for the vulnerability in super […]

CSS attacks!

As the browser manufacturers add new features they can sometimes overlook the security implications which can often seem minor. I’ve found two such features which I think could cause problems. CSS overlays Iframes can be manipulated to show only a small area of the screen, even worse you can actually overlay any other item over […]

Protection against CSRF part 2

Continuing from my previous post I have decided to provide demos of a lot of the techniques discussed. These techniques won’t make your site 100% secure but they will help reduce the risk of attack. Remember you need to protect against XSS and these techniques will not stop your site from being attacked with XSS. […]