Web Application Session Attacks - Cause, Effect and Remediation
by Vivek Relan
Tuesday, November 10, 2009, 10:15am - Tuesday, November 10, 2009, 11:30am
ITE 325 - B
In this week's Ebiquity Lab meeting Vivek Relan[1] from the Cyber Defense Lab[2] at UMBC will talk about "Web Application Session Attacks - Cause, Effect and Remediation"
Abstract:
An increase in the usage of Web application is directly related to an increase in number of security incidents for them. Most of the Web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer's list. These threats originate because of either unconventional development of Web application or careless handling of Web sessions or flawed deployment of Web servers.
This talk will focus on a class of session vulnerabilities in Web application, their cause, effect and how to avoid them. Three session attacks - Session fixation[3], Cross-Site Request Forgery (CSRF/XSRF) [4] and Privilege Escalation[5] will be discussed along with their demonstration. In addition, Vivek will also talk about his published security advisory on Yahoo! Mail XSS vulnerability[6].
Disclaimer from the speaker:
The techniques and tool learned through this talk are intended to educate the audience. This information may be used for malicious purposes as well i.e. hacking. The speaker, Ebiquity and UMBC are not responsible for any incident caused by these techniques. In addition, none of us will accept any liability of loss or damage originate from use of this information.
For those who can't attend, join in remotely via dimdim[7]. After 10:15, click on JOIN MEETING and enter 'ebiquity' for the meeting name.
[1] http://userpages.umbc.edu/~relan1/
[2] http://www.cisa.umbc.edu/
[3] http://en.wikipedia.org/wiki/Session_fixation
[4] http://en.wikipedia.org/wiki/Cross-site_request_forgery
[5] http://en.wikipedia.org/wiki/Privilege_escalation
[6] http://www.marketwire.com/press-release/Cenzic-872666.html
[7] https://webmeeting.dimdim.com/portal/JoinForm.action?confKey=ebiquity
Abstract:
An increase in the usage of Web application is directly related to an increase in number of security incidents for them. Most of the Web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer's list. These threats originate because of either unconventional development of Web application or careless handling of Web sessions or flawed deployment of Web servers.
This talk will focus on a class of session vulnerabilities in Web application, their cause, effect and how to avoid them. Three session attacks - Session fixation[3], Cross-Site Request Forgery (CSRF/XSRF) [4] and Privilege Escalation[5] will be discussed along with their demonstration. In addition, Vivek will also talk about his published security advisory on Yahoo! Mail XSS vulnerability[6].
Disclaimer from the speaker:
The techniques and tool learned through this talk are intended to educate the audience. This information may be used for malicious purposes as well i.e. hacking. The speaker, Ebiquity and UMBC are not responsible for any incident caused by these techniques. In addition, none of us will accept any liability of loss or damage originate from use of this information.
For those who can't attend, join in remotely via dimdim[7]. After 10:15, click on JOIN MEETING and enter 'ebiquity' for the meeting name.
[1] http://userpages.umbc.edu/~relan1/
[2] http://www.cisa.umbc.edu/
[3] http://en.wikipedia.org/wiki/Session_fixation
[4] http://en.wikipedia.org/wiki/Cross-site_request_forgery
[5] http://en.wikipedia.org/wiki/Privilege_escalation
[6] http://www.marketwire.com/press-release/Cenzic-872666.html
[7] https://webmeeting.dimdim.com/portal/JoinForm.action?confKey=ebiquity
Assertions
- (Event) Web Application Session Attacks - Cause, Effect and Remediation has PowerPoint slides (Resource) Web Application Session Attacks - Cause, Effect and Remediation