• Home

  • Documents

  • Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology...
14
Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer Engineering JavaScript Injection and Web Hacking Techniques

Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Embed Size (px)

Citation preview

Page 1: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

Juan O’ConnellJustin Rand

ECE 4112 Group 19May 1, 2007

Georgia Institute of TechnologyCollege of Engineering

School of Electrical and Computer Engineering

JavaScript Injection and Web Hacking Techniques

Page 2: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

•Motivation

•To learn more about web security

•Analyze rather than double click

•There is no set path to assess vulnerabilities

•JavaScript is used in millions of web pages

•Supplement from Lab 9

•It is easy to learn!

Page 3: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

•What is JavaScript?

•JavaScript is a dynamic scripting language that supports prototype based object construction

•Developed by Netscape

•Adds additional interaction between the web site and its visitors

•JavaScript is the most popular scripting language on the internet.

Page 4: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

• PkCrack – Cracking PkZip Encryption• Known plaintext attack

– Need unencrypted file

• Command line program– \PkCrack> pkcrack -C -c -P -p -d

» -C <encrypted .ZIP>

» -c <encrypted file>

» -P <plaintext .ZIP>

» -p <plaintext file>

» -d <cracked .ZIP>

Page 5: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

•Lab Layout

•Section 0: Setup

•Section 1: JavaScript

•Section 1.1 – The Basics: JavaScript Tutorial

•Section 1.2 – JavaScript Injection

•Section 1.3 – Vulnerability Assessment of Guest Books

•Section 2 - “Realistic” Web Hack

Page 6: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

•Section 1.2 Demo

•Variable change

•http://www.prism.gatech.edu/~gtg131v/4112/

•The code <javascript:c=5;>

•Grandma’s Cookie

•http://www.prism.gatech.edu/~gtg131v/4112/

•The code<javascript:void:(document.cookie=”Authorized=true”);javascript:alert(document.cookie);>

Page 7: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

•Section 1.3 Real Demo

•Guest Book

•http://www.legacy.com/Atlanta/Obituaries.asp

•Assessment code <u> some text </u> <plaintext>

•Injection<img src="asdf" onerror="alert('Welcome!')"/>

•Get Creative!<img src="asdf" onerror=" void(window.location=('http://www.ece.gatech.edu'))"/>

Page 8: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

•Solutions

•JavaScript Injection•Always validate the input received against a white list •Do not rely on client side validation to validate the user input

•Validate the input every time

•Guest Books•Use a code filter!

Page 9: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

• Section 2 – “Realistic” Web Hack• Search page source for hidden directory

• Download critical file

• Exploit using PkCrack

• From here?

Page 10: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

Page 11: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

Page 12: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

• Solution• Limit Directory access

• Apache can use .htaccess and .htpasswd– Must change httpd.conf

» AllowOverride AuthConfig

– Create .htaccess in the directory you want to protect» Will reference .htpasswd and ask for authorization

Page 13: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

• References– [1] http://www.hackthissite.org

Page 14: Group 19 Juan O’Connell Justin Rand ECE 4112 Group 19 May 1, 2007 Georgia Institute of Technology College of Engineering School of Electrical and Computer

Group 19

?Questions


Xerox 4112™/4127™

Xerox 4112™/4127™

Documents
Kieran O’Connell , DIT Hothouse

Kieran O’Connell , DIT Hothouse

Healthcare
Xerox 4112 / 4127 Enterprise Printing Systems Brochure · Xerox 4112/4127 Enterprise Printing Systems From bills to booklets, they get your jobs done! Xerox® 4112™/4127™ Enterprise

Xerox 4112 / 4127 Enterprise Printing Systems Brochure · Xerox 4112/4127 Enterprise Printing Systems From bills to booklets, they get your jobs done! Xerox® 4112™/4127™ Enterprise

Documents
4112 sarrebourg

4112 sarrebourg

Documents
Created By: Kayla O’Connell

Created By: Kayla O’Connell

Documents
FS80 - 4112

FS80 - 4112

Documents
Daniel O’Connell and Catholic Emancipation · Daniel O’Connell (1775-1848): the Liberator Daniel O’Connell was a 19th century Irish politician, sometimes known as The Liberator

Daniel O’Connell and Catholic Emancipation · Daniel O’Connell (1775-1848): the Liberator Daniel O’Connell was a 19th century Irish politician, sometimes known as The Liberator

Documents
ΜΑΚΕΔΟΝΙΚΗ #4112

ΜΑΚΕΔΟΝΙΚΗ #4112

Documents
Mary O’Connell Deasy,

Mary O’Connell Deasy,

Documents
Nur 4112 class #3

Nur 4112 class #3

Education
GONE PHISHING ECE 4112 Final Lab Project Group #19 Enid Brown & Linda Larmore

GONE PHISHING ECE 4112 Final Lab Project Group #19 Enid Brown & Linda Larmore

Documents
4112 sa habitat

4112 sa habitat

Documents
IN MEMORY · children, Margaret Rathier ’78 (Tom), Joan O’Connell, Mary Kate O’Connell, Mark O’Connell, and John O’Connell (Bridget), and six grandchildren. He was predeceased

IN MEMORY · children, Margaret Rathier ’78 (Tom), Joan O’Connell, Mary Kate O’Connell, Mark O’Connell, and John O’Connell (Bridget), and six grandchildren. He was predeceased

Documents
Sandbox Exploitations - ECE 4112 Group 12 - Gary Kao Jimmy Vuong

Sandbox Exploitations - ECE 4112 Group 12 - Gary Kao Jimmy Vuong

Documents
4110 4112 OHCF Enablement Kit

4110 4112 OHCF Enablement Kit

Documents
BY JESSICA E. MURPHY, ESQ. T · ects, contact Jessica Murphy or the Construction Law Group at Mirick O’Connell. Murphy is a senior commercial litigation attorney at Mirick O’Connell

BY JESSICA E. MURPHY, ESQ. T · ects, contact Jessica Murphy or the Construction Law Group at Mirick O’Connell. Murphy is a senior commercial litigation attorney at Mirick O’Connell

Documents
4112 sarreguemines

4112 sarreguemines

Documents
Xerox 4112 / 4127 Enterprise Printing Systems …Xerox 4112/4127 Enterprise Printing Systems From bills to booklets, they get your jobs done! Xerox® 4112 /4127 Enterprise Printing

Xerox 4112 / 4127 Enterprise Printing Systems …Xerox 4112/4127 Enterprise Printing Systems From bills to booklets, they get your jobs done! Xerox® 4112 /4127 Enterprise Printing

Documents
Xerox System Admin Guide 4112 Mono

Xerox System Admin Guide 4112 Mono

Documents
Store #4112...Store #4112 2205 E. Ruben Torres Sr. Blvd Brownsville, TX 78526 0.6 78526 550 Brazo Store #4112 anti Pas 785>0 Brownsville 1.8 mi Brownsville 78521 Brownsville South

Store #4112...Store #4112 2205 E. Ruben Torres Sr. Blvd Brownsville, TX 78526 0.6 78526 550 Brazo Store #4112 anti Pas 785>0 Brownsville 1.8 mi Brownsville 78521 Brownsville South

Documents
Conor O’Connell

Conor O’Connell

Documents
ME 4112 Corporate Proposal

ME 4112 Corporate Proposal

Documents
Heather O’Connell

Heather O’Connell

Documents
Associate Professor, Dr. Ray O’Connell

Associate Professor, Dr. Ray O’Connell

Documents
Created by Mr. O’Connell. What group of people started a settlement in Plymouth, Massachusetts in 1620? Pilgrims

Created by Mr. O’Connell. What group of people started a settlement in Plymouth, Massachusetts in 1620? Pilgrims

Documents
Document 360 Workflow Course 4112

Document 360 Workflow Course 4112

Documents
ECE 4112 Internetwork Security Lab 3: Address Spoofing ...users.ece.gatech.edu/riley/ece4112/handouts/Lab3-4112.pdf · ECE 4112 Internetwork Security Lab 3: Address Spoofing, Denial

ECE 4112 Internetwork Security Lab 3: Address Spoofing ...users.ece.gatech.edu/riley/ece4112/handouts/Lab3-4112.pdf · ECE 4112 Internetwork Security Lab 3: Address Spoofing, Denial

Documents
4112-EPS for Asphalt Concrete

4112-EPS for Asphalt Concrete

Documents
Maisie O’Connell

Maisie O’Connell

Documents
Ref 4112 Parta Ua

Ref 4112 Parta Ua

Documents