Amal Mammadov

1. VULNERABILITY INTRODUCED When an HTML page is rendered in browsers, the browser downloads the HTML into local memory and automatically parses it to display the page on the screen. When a web page is loaded, the browser creates a Document Object Model (DOM) of the page, which is an object-oriented representation of an HTML document, that acts as an interface between JavaScript and the document itself and allows the creation of dynamic web pages. So, the objects in the…

Read More Read More

1. VULNERABILITY INTRODUCED When an HTML page is rendered in browsers, the browser downloads the HTML into local memory and automatically parses it to display the page on the screen. When a web page is loaded, the browser creates a Document Object Model (DOM) of the page, which is an object-oriented representation of an HTML document, that acts as an interface between JavaScript and the document itself and allows the creation of dynamic web pages. So, the objects in the…

Read More Read More

1. VULNERABILITY INTRODUCED When development teams use component-heavy development patterns, they sometimes do not even understand which components they use in their applications much less keeping them up to date.Developers often do not know: The versions of all components they use (both client-side and server-side); If the software they use (OS, web/application server, database management systems, run-time environments, and libraries) is vulnerable, unsupported, or out of date; If the underlying platform, frameworks, and dependencies are fixed or upgraded in a…

Read More Read More

1. EXERCISE BACKGROUND The vulnerable application pane loads the TraderDASH application. In this application, a user is able to quickly buy and sell stocks with a single-click order execution. It has also a quite ordinary profile for managing user details. ACTION Click My Account -> My profile link to open the profile page. 2. CHANGE EMAIL FUNCTIONALITY Bob is an attacker. While he was browsing the Web, he came across the TraderDASH application. Since registration was free and accessible, Bob…

Read More Read More

1. VULNERABILITY EXPLAINED Clickjacking attacks occur when a page, particularly one with clickable elements, can be placed inside a frame.An attacking website frames the victim website and redresses it in a manner that it becomes not visible to the victim.For example, if a website’s profile page has a Delete Account button, an attacker can place an iframe that centers on that button, while placing a fake ad in the topmost page, with a fake X button to close the ad…

Read More Read More

1. VULNERABILITY INTRODUCED Sometimes front-end developers get mesmerized by the validation word in the client-side validation term and implicitly assume that it refers to protection of some kind that operates on the client-side level. Also, they assume that properly implemented client-side validation will not allow hackers to pass any kind of malicious input to the server, and therefore there is no need to duplicate the same validation on the server level.But when the server doesn’t use the same protection schemes…

Read More Read More

1. VULNERABILITY INTRODUCED Properly implemented data protection for a web application allows the users to know who they are communicating with, whether or not their communication channel is encrypted, and that the data is not manipulated in transit. This is usually achieved by using HTTPS protocol for communication between the user and the web application.But sometimes applications accept connections through HTTP first, upgrade to HTTPS and redirect the user to HTTPS version of the application. Thus the application first allows…

Read More Read More

1. VULNERABILITY INTRODUCED A web-page may use multiple methods to open additional tabs or windows. However, these methods may often add a reference to the opener (or window.opener) object in the newly opened window, which refers to the “parent” tab or window. While most attributes in the opener window are blocked and inaccessible to the opened window, such that the opened window may not refer to most opener attributes (part of the cross-domain policy), some are not blocked. In particular,…

Read More Read More

1. HTTP CACHING Caching is a mechanism designed to decrease the server load and speed up the loading of web pages. A cache saves copies of server responses and serves them to users upon their repeating requests.The cache can operate locally in the user’s browser, or there are also intermediate caches: caching proxies, load balancers, CDNs, web servers. Our lesson is devoted specifically to intermediate caches.In case of a browser cache, when a user requests some data, the browser first…

Read More Read More

1. VULNERABILITY INTRODUCED Web Cache Deception is another technique for attacking caches. It’s different from the HTTP Cache Poisoning attack because no tainted data is saved in the cache and then served to users (which is what Cache Poisoning implies). During the Web Cache Deception attack, a malicious user gains unauthorized access to sensitive data of another user by exploiting ordinary cache behavior.The following conditions should be met for the attack to succeed:1. The web server returns the contents of…

Read More Read More