Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: [WEB SECURITY] cookies a fundamental threat?

Re: [WEB SECURITY] cookies a fundamental threat?

From: Brian Eaton <eaton.lists_at_gmail.com>
Date: Wed, 10 May 2006 09:34:59 -0400

Hi Arian -

On 5/9/06, Evans, Arian <Arian.Evans_at_fishnetsecurity.com> wrote:
> What are we, close to a decade now on this thread?

At least. =)

> Per your examples below, there are a lot of different ways
> to use tokens (contextual) and different ways to implement
> tokens and /one possible way/ is a cookie, which has pros and
> cons, just like all the other options, but has the HUGE con
> of being automagically supplied by the browser...*not* even
> upon demand, not requiring some challenge-response scenario,
> but will be supplied by the browser with even the simplest
> tickle to make a request. This is called CSRF, or the catchier
> but possibly misleading "securenet session riding"! ;)

Good point. If you use hidden form fields or random elements in the
URL for sessions, you get CSRF protection for free. If you are using
cookies, you need to take extra steps to block CSRF attacks.

> My mates and I released a proxy at BH Amsterdam that did
> all this for you automatically. 256 bit AES, stored flags for
> various bits in the HTTP resp, removed and stored things like
> cookies for you (which is how it worked transparently), and
> could be 1) URL param, 2) URI resource, 3) replace URI (most
> secure...and fun, 4) legacy URL/param support.

Would you be willing to summarize what kind of attacks your proxy can
prevent, and what kind it cannot? Or perhaps point us to a more
detailed description of what it does?

Regards,
Brian

-------------------------------------------------------------------------
Sponsored by: Watchfire

Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web
application security assessments should be considered a crucial phase in
the development of any web application. What methodology should be
followed? What tools can accelerate the assessment process?
Download this whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701300000007t9h
--------------------------------------------------------------------------
Received on May 10 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos