Home
Home

Directory
Directory

Articles
Internet News
Security News
Ecommerce News
Domain News

Site Tools
Site Speed Test
Keyword Research
Resolve Hostname
DNS Tools
Register Domains
Affiliate Programs
Open Source

Shopping Carts
Cart Reviews
SSL Certificates

Enter your email address to subscribe to our updates:

Delivered by FeedBurner


Venue Charts
Channel Traffic Rankings
OAI Stock Quotes and Charts
eBay's Worst Feedback

Forum
Forum Home
TulipTools News
Advertising
Blogging
Computer Hardware
Domain Names
Ecommerce
Financing
Int'l Trading
Graphics and HTML
Internet Access
Legal Issues
Internet Business
Auction Sites
Classified Ad Sites
Fixed Price Venues
Operating Systems
Programming
Search Engines
Internet Security
Software
Web Hosting
Webmaster Issues
Reviews
Announcements
Off Topic Discussion

Web Hosting
TulipHosting

Domain Names
TulipDomains

Web Stats
TulipStats

Forum Rules
Forum Rules
Privacy Policy

Site Map
Forum Sitemap
Sitemap Topics




Directory| Forums| Internet News|Cart Reviews| DNS Tools| Keyword Research| Site Speed Test| Security| | Domain Marketplace| Domain Blog
TulipTools Internet Business Owners and Online Sellers Community
  • Home
  • Search
  • Member List
  • Calendar
Hello There, Guest! Login Register
TulipTools Internet Business Owners and Online Sellers Community › Graphics, Ajax, HTML, Multimedia, Web Design › Graphics, Ajax, HTML, Multimedia, Web Design › HTML, CSS, DHTML, Javascript, AJAX, and Coding › AJAX v
1 2 Next »

AJAX and Prototype Hijacking: a fundamental design flaw in Javascript

  
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Threaded Mode | Linear Mode
AJAX and Prototype Hijacking: a fundamental design flaw in Javascript
01-07-2007, 03:52 PM,
Post: #1
Kristijntje Offline
Super Moderator
******
 		Posts: 1,200
Likes Given: 0
Likes Received: 0 in 0 posts
Joined: Oct 2005
Reputation: 0
AJAX and Prototype Hijacking: a fundamental design flaw in Javascript
Quote:fter a quick overview of simple Cross Site Scripting attacks, the speech will focus on security aspects of Web 2.0 technologies exploring unconventional and undisclosed attacking techniques. During the presentation we will show the next step in content/request hijacking and the next generation of client-side and server-side injection. Specifically, by applying advanced Javascript techniques like prototyping we'll see how to hijack functions and objects in order to have transparent attacks without breaking javascript code in Ajax web pages. Moreover, will be shown non trivial ways to attack web pages and inject code by taking advantage of other kinds of vulnerabilities in a cross domain environment. Finally, we will see how poor design choices in web browsers would bring to new kind of attacking vectors like UXSS through plugins and sandbox framework flaws.

http://events.ccc.de/congress/2006/Fahrp...02.en.html

Subverting AJAX whitepaper (PDF, 603K): http://events.ccc.de/congress/2006/Fahrp...g_Ajax.pdf
Al draagt een aap een gouden ring, het is en blijft een lelijk ding
Like Post Reply
[+]
« Next Oldest | Next Newest »




Possibly Related Threads…
Thread Author Replies Views Last Post
  AJAX Monalisa 0 1,856 01-27-2009, 05:16 AM
Last Post: Monalisa
  Four Dozen Plus AJAX Tutorials mandy 0 1,993 10-18-2008, 08:47 AM
Last Post: mandy
  Tools and Techniques for Managing the Performance of Ajax Applications mandy 0 2,280 05-04-2008, 11:03 AM
Last Post: mandy
  Ajax 101 mandy 0 2,156 07-25-2007, 10:22 AM
Last Post: mandy
  Review of 5 AJAX Frameworks: Dojo. Prototype, Google Web Toolkit, and more mandy 0 2,452 05-03-2007, 11:30 AM
Last Post: mandy
  Web 2.0: almost all AJAX toolkits found ti be vulnerable to JavaScript Hijacking Kristijntje 0 2,187 04-02-2007, 03:40 PM
Last Post: Kristijntje
  How to add AJAX functionality to your website in three easy steps Kristijntje 0 2,300 03-19-2007, 12:16 PM
Last Post: Kristijntje
  Ecommerce: providing a faster and easier shopping experience by using AJAX mandy 0 3,451 02-05-2007, 12:10 PM
Last Post: mandy
  Introduction to Developing Web Applications with Ajax mandy 0 2,374 12-17-2006, 11:37 AM
Last Post: mandy
  Expert Disputes Claims That AJAX Is Insecure mandy 0 2,289 12-02-2006, 11:03 AM
Last Post: mandy

  • View a Printable Version
  • Send this Thread to a Friend
  • Subscribe to this thread
Forum Jump:


Users browsing this thread: 1 Guest(s)
  • Contact Us
  • TulipTools Internet Business Owners and Online Sellers Community
  • Return to Top
  • Lite (Archive) Mode
  • RSS Syndication
  • Help
Current time: 03-26-2023, 02:36 PM Powered By MyBB, © 2002-2023 MyBB Group. Theme created by Justin S.
powered by Apache

powered by Linuxpowered by CentOS

Copyright 2000-2013 TulipTools.com. All rights reserved.