active subscribers – to download this issue click on the cover of the magazine on the main website or scroll down this page and click the Download button
single issue buyers – after paying for this issue click “PenTest Extra 01/2012″ (which will show just above that text)to download your copy of the magazine
XSS & CSRF: Practical exploitation of post-authentication vulnerabilities in web applications
by Marsel Nizamutdinov
The goal of this article is to demonstrate the real danger of post-authenticated vulnerabilities. We will not explain the basics of web application attacks in this article, as that has already been done many times before by others. We will focus on a practical way to exploit post-authentication XSS’s and CSRF, which remain a highly underestimated attack vector in the security scene.
Discovering Modern CSRF Patch Failures
by Tyler Borland
Cross-site request forgery (CSRF/XSRF) vulnerabilities allow an attacker to perform authenticated actions without authenticating as the user. The issue revolves around general browser architecture and its handling of the web origin policy. In particular, issues stem from how it handles same origins and authority. Some of the issues can not be fixed in browsers as the real problem is how web applications handle actions. These vulnerabilities are easy to locate and perform attacks against whilst allowing an attacker to completely compromise an account and/or compromise the host.
Business Logic Vulnerabilities via CSRF
by Eugene Dokukin
There are two types of Business Logic flaws: server-side and client-side. First one allows the user of the site to manipulate the site’s functionality to increase his finances, second one allows an external attacker to manipulate the site’s functionality to increase his finances, by decreasing finances of the user of the site. And I have found both types of such vulnerabilities many times since 2005.
XSS Using Shell of the future
by Sow Ching Shiong
Cross-Site Request Forgery
During a test, I found a create user function which was vulnerable to CSRF. This would allow a targetted attack against the web site by sending the equivalent of phishing emails; except instead of trying to get the user to enter their credentials, they would simply have to click on a link while logged in. The payload would create a privileged account and email the password to the attacker, so could easily happen without the administrator’s knowledge.
Security Resolutions for 2012
by Rishi Narang
As we enter into the year of pre media jitters and headlines for the end of world speculations, the virtual world of information security is already making news with cloud computing issues, mobile malware, forensics, and plethora of apps. It is evident as a netizen (a portmanteau of the English words internet and citizen), a corporation, and developer that information security couldn’t be sidelined ever. Some strong measures are inevitable and must when it comes to development or its usage as a product and/or service. Previous years have already taught us about the dark sides of different technologies – Social Networking, Mobile Computing, World Wide Web etc. So, this is high time to start working on making net a safer place as well as yourself in this wide open virtual world.
Interview with Peter N. M. Hansteen
by PenTest Team
Peter N. M. Hansteen is a consultant, writer and sysadmin from Bergen, Norway. A longtime freenix advocate and during recent years a frequent lecturer and tutor with emphasis on FreeBSD and OpenBSD, author of several articles and “The Book of PF” (No Starch Press 2007, 2nd edition November 2010). He writes a frequently slashdotted blog at http://bsdly.blogspot.com/.
Comments are closed.