Web Application Security Zone by Netsparker

Transforming Self-XSS Into Exploitable XSS

Category: Web Security Readings - Last Updated: Thu, 14 Mar 2019 - by Ziyahan Albeniz
Transforming Self-XSS Into Exploitable XSS

This blog is describes an attempt by a security researcher to exploit a Cross-site Scripting (XSS) vulnerability. It explains the importance of template strings – including multi-line strings and tagged templates – in XSS filtering, how to overcome the document.domain issue, and the discovery and exploitation of Self-XSS, with reading suggestions. Read More

The End of CoinHive and the Rise of Cryptojacking

Category: Web Security Readings - Last Updated: Thu, 07 Mar 2019 - by Ziyahan Albeniz
The End of CoinHive and the Rise of Cryptojacking

Cryptojacking is the unauthorized use of a computer to mine cryptocurrency. This article traces the development of Cryptojacking from ByteCoin and Monero, used by the CoinHive service. It examines how Cryptojacking works, the latest research, and content security policy solutions that limit source loading and report Cryptojacking scripts. Read More

Sound Hijacking – Abusing Missing XFO

Category: Web Security Readings - Last Updated: Thu, 28 Feb 2019 - by Ziyahan Albeniz
Sound Hijacking – Abusing Missing XFO

This article examines a new attack on Google Docs called Sound Hijacking, which leads to the takeover of users’ audio input devices. We investigate how the attack works and conclude with an evaluation of the importance of the X-Frame-Options Header for the attack and information on which browsers support it. Read More

Brave Browser Sacrifices Security

Category: Web Security Readings - Last Updated: Thu, 21 Feb 2019 - by Ziyahan Albeniz
Brave Browser Sacrifices Security

Brave is a browser that blocks ads and website tracking to improve user privacy and security. This blog post describes a controversial update to Brave that contained a whitelist of tracking URLs, causing online discussions, and a temporary but active solution. This blog examines some key terms and suggests how Brave could learn from Firefox. Read More

Phishing by Open Graph Protocol

Category: Web Security Readings - Last Updated: Thu, 07 Feb 2019 - by Ziyahan Albeniz
Phishing by Open Graph Protocol

Open Graph Protocol (OGP) was introduced by Facebook to highlight shared links in social media platforms. Phishing attacks use OGP to deceive users into clicking links that redirect them to other websites. This blog post explains what the OGP looks like, discusses phishing attack research and finally lists some precautions to take against them. Read More

Remote Hardware Takeover via Vulnerable Admin Software

Category: Web Security Readings - Last Updated: Tue, 29 Jan 2019 - by Ziyahan Albeniz
Remote Hardware Takeover via Vulnerable Admin Software

This article focuses on new research into potential remote hardware takeover vulnerabilities in admin software. These vulnerabilities occur due to a lack of control mechanisms, which enables potential WebSocket Hijacking attacks. The article explains how these attacks work, how to prevent them, and the importance of a content security policy header. Read More

Cross Site Cookie Manipulation

Category: Web Security Readings - Last Updated: Thu, 24 Jan 2019 - by Ziyahan Albeniz
Cross Site Cookie Manipulation

This article examines the security of PHP's session cookies in a shared hosting environment, and explains why a cryptographically secure, random session ID is not enough to prevent attacks. It explains how PHP handles cookies and how the session management feature initializes in PHP. Finally, it provides an attack demo and advice for prevention. Read More

Why Framework Choice Matters in Web Application Security

Category: Web Security Readings - Last Updated: Thu, 10 Jan 2019 - by Ferruh Mavituna
Why Framework Choice Matters in Web Application Security

Our CEO, Ferruh Mavituna, explains why the framework you choose for your web applications matters. Even if you build the most secure application, when your framework is vulnerable, your application is too. He debunks some myths regarding the similarity of popular frameworks, and provides good reasons to check whether yours is secure by default. Read More

Clickjacking Attack on Facebook: How a Tiny Attribute Can Save the Corporation

Category: Web Security Readings - Last Updated: Fri, 04 Jan 2019 - by Ziyahan Albeniz
Clickjacking Attack on Facebook: How a Tiny Attribute Can Save the Corporation

This article explains the origins of the Clickjacking Attack and how it works. It then examines how a researcher discovered a Clickjacking bug on Facebook and how Facebook responded to the Clickjacking attack. Finally, the article provides advice on how to prevent Clickjacking Attacks by using the X-Frame-Options HTTP security header. Read More

Sven Morgenroth Talks About PHP Object Injection Vulnerabilities on Paul's Security Weekly Podcast

Category: Web Security Readings - Last Updated: Thu, 20 Dec 2018 - by Allen Baird
Sven Morgenroth Talks About PHP Object Injection Vulnerabilities on Paul's Security Weekly Podcast

In episode #584 of Paul's Security Weekly, Sven Morgenroth, a Netsparker security researcher, discusses PHP Object injection vulnerabilities and explains the dangers of PHP's unserialize function. Sven provides background on PHP Objects, demos how to write an exploit for a PHP Object Injection vulnerability, and explains how to prevent them. Read More

End of Support for PHP 5 and PHP 7.0

Category: Web Security Readings - Last Updated: Tue, 18 Dec 2018 - by Allen Baird
End of Support for PHP 5 and PHP 7.0

At the end of 2018, PHP will stop security updates and support for some of its previous versions. This will expose hundreds of millions of websites to serious risk in terms of sites hacked, user details stolen, and massive fines. You need to update, and use systems that allow you to deploy only new versions of PHP by default. Read More

Tabnabbing Protection Bypass

Category: Web Security Readings - Last Updated: Thu, 06 Dec 2018 - by Ziyahan Albeniz
Tabnabbing Protection Bypass

This blog post includes a discussion of URLs, their structure, how they can contain sensitive information and why it's so difficult to parse them without introducing vulnerabilities. We include an example of how a parsing error led to a Window Opener Protection Bypass. Read More