Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

New Whitepaper - "Second-order Code Injection Attacks"

from [WebAppSecurity [Technicalinfo.net]] Network Security [Permanent Link]
Subject: New Whitepaper - "Second-order Code Injection Attacks"
Date: Mon, 1 Nov 2004 19:25:30 -0000 
Hi List,

Figured some of you may be interested in my new whitepaper - "Second-order
Code Injection Attacks"

The paper is available from:
http://www.nextgenss.com/papers/SecondOrderCodeInjection.pdf

Abstract:
"Many forms of code injection targeted at web-based applications (for
instance cross-site scripting and SQL injection) rely upon the instantaneous
execution of the embedded code to carry out the attack (e.g. stealing a
user's current session information or executing a modified SQL query).  In
some cases it may be possible for an attacker to inject their malicious code
into a data storage area that may be executed at a later date or time.
Depending upon the nature of the application and the way the malicious data
is stored or rendered, the attacker may be able to conduct a second-order
code injection attack.

A second-order code injection attack can be classified as the process in
which malicious code is injected into a web-based application and not
immediately executed, but instead is stored by the application (e.g.
temporarily cached, logged, stored in a database) and then later retrieved,
rendered and executed by the victim."

Cheers,

Gunter
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: TrustBar and insecure sites of PayPal, MS Passport, Yahoo!, Chase, ..., Yvan G.J. Boily
Next by Date:  Re: AD in the DMZ, Non Proprio
Previous by Thread:  RE: TrustBar and insecure sites of PayPal, MS Passport, Yahoo!, Chase, ..., Yvan G.J. Boily
Next by Thread:  Re: New Whitepaper - "Second-order Code Injection Attacks", Jeff Williams
Indexes:  [Date] [Thread] [Top] [All Lists]