Java Reference
In-Depth Information
within a CSS tag. The next step was to simply instruct the Web browser to load a MySpace
URL that would automatically invite Samy as a friend and later add him as a “hero” to the
visitor's own profile page. The code utilized XMLHttpRequest, a JavaScript object used
in AJAX. Taking the hack even further, Samy realized that he could simply insert the entire
script into the visiting user's profile, creating a replicating worm. By 9:30 p.m. that night,
requests exceeded 1 million and continued arriving at a rate of 1000 every few seconds. Less
than an hour later, MySpace was taken offline.
During the heat of the recent U.S. presidential election, presidential candidate Barack
Obama's Web site was hacked; this was also the result of a cross-site scripting vulnerability
present in the Web site. The attacker played down the matter and mentioned that all he did
was exploit some “poorly written HTML code” and that the filters to prevent such attacks
were inadequate.
A majority * of Web sites today are vulnerable to cross-site scripting attacks. This attack type
is one of the most pernicious attacks in the world today affecting Web applications. Apart from
MySpace, several portals like Facebook and Google have been affected by cross-site scripting attacks
(also known as XSS) and cross-site request forgery attacks (also known as CSRF). Both attacks can
be debilitating to Web applications, as they could lead to anything from session hijacking to denial
of service. We will explore these vulnerabilities in detail when we get to Chapter 5. Even databases
have not been spared by attackers. As a matter of fact, databases are said to be the most targeted
elements of a Web application because all the information is contained in the databases. Injection
attacks and other attacks against databases have been rising at an alarming rate. The popular job
site Monster.com was breached and attackers were able to access several of the names, passwords,
Social Security numbers, and other personal details of the users. The Miami Dolphins Web site
was also hacked with an SQL injection attack, which also exploited several Windows vulnerabilities.
SQL injection is also an extremely pernicious attack, with almost 40% of Web sites around
the world being vulnerable to it. SQL injection can result in unauthorized disclosure of data, credit
card information, passwords, and pretty much anything stored in databases.
Recent incidents in Web application security have involved worms and their mass outbreaks.
Worms have evolved over the years and have now begun targeting applications and databases.
Previously, network worms would go after the network layer and would result in attacks in
corporate and personal networks. These worms take advantage of network vulnerabilities like
weak passwords, nonsecure ports, and services. Operating systems were the next targets, with
worms exploiting buffer overflow conditions in operating systems and their applications, as well
as exploiting unpatched systems, causing several thousands of computers all over the world to be
compromised. Web application security worms are the new and improved worms, which have also
gotten more notorious and dangerous as the days have gone by. Web application worms exploit
vulnerabilities in Web server and application server platforms; they also exploit vulnerabilities
present in databases. Interestingly, few of the very latest in Web application worms are capable of
* According to the WhiteHat Security Web site Security Statistics for the year 2007, 7 in 10 Web sites were found
to be vulnerable to cross-site scripting vulnerabilities.
Miami Dolphins SQL injection attack—http://www.theregister.co.uk/2008/01/08/malicious_Web site_redirectors/print.html.