Cyberis Blog
Reassuringly clear thinking.
- Research
- Tools and techniques
Testing Access Controls On Large Web Applications
Testing access controls on web applications can be a difficult task if presented with multiple user roles and a large number of pages. Depending on the application, unauthorised access to a page may result in a client error code (40X), a redirect (30X), a straight 200 with an error message within the page, or possibly even a server-side error (50X). This is how we approach the problem...
- Research
- Tools and techniques
Evading .NET And Browser XSS Protection With Attribute Based XSS
.NET applications offer good protection against basic reflected XSS vectors. Since .NET 1.1, ValidateRequest has been examining client supplied input for "supicious" characters, and throwing a helpful error message if such characters are found within a GET or POST request. These days, an attempt to perform the classic alert(1) will likely fail against the majority of .NET applications with the well known "A potentially dangerous Request.Form value was detected from the client..". Does that mean XSS in .NET is dead?
- Research
- Tools and techniques
Harvesting Cross Site Scripting (XSS) Victims - Clicks, Keystrokes And Cookies
A couple of years ago I was inspired by @fmavituna's work on XSS Shell and decided to write a new extended version (XSS-Shell-NG) using a PHP and a MySQL backend rather than the ASP/Access combination of the original. I never released the tool publicly, as my main aim of making XSS Shell easier to use was never really accomplished; it still required a significant amount of set up to get it working. However, one thing that both tools did well once working was to demonstrate the real business impact of cross-site scripting.
Improve your security
Our experienced team will identify and address your most critical information security concerns.