H. Valters
Ethical Penetration tester / DevSecOps / IT Solution Developer / System administrator
Category Archives: DOM-based
Controlling the web-message source
In this section, we’ll look at how web messages can be used as a source to exploit DOM-based vulnerabilities on the recipient page. We’ll also describe how such an attack is constructed, including how common origin-verification techniques can often be bypassed. If a page handles incoming web messages in an unsafe way, for example, by not verifying…
DOM-based Ajax request-header manipulation
In this section, we’ll look at what DOM-based Ajax request-header manipulation is, talk about the potential impact of this kind of attack, and suggest ways to reduce your exposure to Ajax request-header manipulation vulnerabilities. What is DOM-based Ajax request-header manipulation? Using Ajax enables a website to make asynchronous requests to the server so that web…
DOM clobbering
In this section, we will describe what DOM clobbering is, demonstrate how you can exploit DOM vulnerabilities using clobbering techniques, and suggest ways you can reduce your exposure to DOM clobbering attacks. What is DOM clobbering? DOM clobbering is a technique in which you inject HTML into a page to manipulate the DOM and ultimately…
DOM-based denial of service
In this section, we’ll describe DOM-based denial-of-service vulnerabilities, look at which sinks can lead to this kind of vulnerability, and discuss ways to reduce your exposure to DOM-based DoS attacks. What is DOM-based denial of service? DOM-based denial-of-service vulnerabilities arise when a script passes attacker-controllable data in an unsafe way to a problematic platform API,…
DOM-data manipulation
In this section, we’ll look at what DOM-data manipulation is, discuss the potential impact of this kind of attack, and look at ways to reduce your exposure to DOM-data manipulation vulnerabilities. What is DOM-data manipulation? DOM-data manipulation vulnerabilities arise when a script writes attacker-controllable data to a field within the DOM that is used within…
DOM-based client-side JSON injection
In this section, we’ll describe client-side JSON injection as related to the DOM, look at how damaging such an attack could be, and suggest ways to reduce your exposure to this kind of vulnerability. What is DOM-based JSON injection? DOM-based JSON-injection vulnerabilities arise when a script incorporates attacker-controllable data into a string that is parsed…
DOM-based client-side XPath injection
In this section, we’ll look at what DOM-based XPath injection is, discuss the potential impact of this kind of vulnerability, and suggest ways to reduce your exposure to it. What is DOM-based XPath injection? DOM-based XPath-injection vulnerabilities arise when a script incorporates attacker-controllable data into an XPath query. An attacker may be able to use…
DOM-based HTML5-storage manipulation
In this section, we’ll look at HTML5-storage manipulation using the DOM, point out potentially dangerous sinks that can be used as part of this kind of attack, and suggest ways to reduce your exposure to HTML5-storage manipulation. What is DOM-based HTML5-storage manipulation? HTML5-storage manipulation vulnerabilities arise when a script stores attacker-controllable data in the HTML5…
DOM-based client-side SQL injection
In this section, we’ll discuss what DOM-based client-side SQL injection is, describe how an attacker can exploit this vulnerability, and suggest ways to reduce your exposure to this kind of attack. What is DOM-based client-side SQL injection? Client-side SQL injection vulnerabilities arise when a script incorporates attacker-controllable data into a client-side SQL query in an unsafe way….
DOM-based local file-path manipulation
In this section, we’ll talk about what DOM-based local file-path manipulation is, look at the potential impact of an attack, highlight some of the sinks that can lead to this kind of vulnerability, and suggest ways that you can reduce your exposure. What is DOM-based local file-path manipulation? Local file-path manipulation vulnerabilities arise when a…