Design and logic issues: Yes | Yes
Memory corruption (buffer overflows): Yes | --
Malicious script injection: -- | Yes

Vulnerability example: exposing WinRT to the web

    // Vulnerable: code fetched from a remote server is executed in the local context,
    // where script has access to WinRT. (The request URL is omitted in the transcript.)
    WinJS.xhr({ url: "..." }).then(function fulfilled(result) {
        var cmd = JSON.parse(result.responseText);
        eval(cmd.evalMe);   // the server, or anyone who can tamper with the response, runs arbitrary code
    });

Vulnerability example: exposing WinRT to the web

    // Vulnerable: the remote server chooses which WinRT API is called and with what arguments.
    var localFolder = Windows.Storage.ApplicationData.current.localFolder;
    WinJS.xhr({ url: "..." }).then(function fulfilled(result) {   // request URL omitted in the transcript
        var cmd = JSON.parse(result.responseText);
        switch (cmd.apiNum) {
            case 0:
                // attacker-chosen file name and content are written into the app's local folder
                localFolder.createFileAsync(cmd.filename).then(function (f) {
                    Windows.Storage.FileIO.writeTextAsync(f, cmd.content);
                });
                break;
            case 1:
                …
        }
    });

Feature: Local context | Web context
Windows Runtime and capabilities: Yes | No
Cross-domain XHR requests: Yes | No
External script references: No | Yes
Automatic toStaticHTML validation: Yes | No

The local context is what makes the two examples above dangerous: it can fetch data from any origin and also reach WinRT, so untrusted web data flows straight into privileged APIs unless the app validates it.

Following established patterns can produce code that’s easier to test and debug.

Validate source of postMessage event

    // Secure message handler: validates the message's origin before using its data
    window.addEventListener('message', function (e) {
        // expected origin omitted in the transcript; compare the full origin (scheme, host, port) exactly
        if (e.origin === "...") {
            div.innerHTML = window.toStaticHTML(e.data);
        }
    }, false);
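The origin check above, carried a little further as an added example that is not from the original presentation: the handler is written as plain functions so it runs outside a browser, "https://app.example" is an assumed trusted origin, and because toStaticHTML only exists in the Windows app host the accepted payload is HTML-escaped instead. It also shows why the comparison must be an exact match rather than a prefix or substring test.

```javascript
// Added example (not from the original presentation). Assumed trusted origin:
// https://app.example. Messages are plain objects standing in for MessageEvent.

const TRUSTED_ORIGINS = new Set(["https://app.example"]);

// Exact match against an allowlist of full origins (scheme + host + port).
function isTrustedOrigin(origin) {
  return TRUSTED_ORIGINS.has(origin);
}

// A common mistake: a prefix or substring check, which an attacker-controlled
// origin such as https://app.example.evil.net also satisfies.
function isTrustedOriginBroken(origin) {
  return origin.indexOf("https://app.example") === 0;
}

// Minimal HTML escaping for the accepted payload (stand-in for toStaticHTML,
// which is only available in the Windows app host).
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  })[c]);
}

// Message handler: returns the safe HTML to render, or null when the message
// is rejected. A real handler would assign the result to an element's innerHTML.
function handleMessage(e) {
  if (typeof e.origin !== "string" || !isTrustedOrigin(e.origin)) {
    return null;                      // drop messages from unknown origins
  }
  if (typeof e.data !== "string") {   // only accept the payload shape we expect
    return null;
  }
  return escapeHtml(e.data);
}

// Constructed MessageEvent-like objects (no real frames involved).
const fromApp  = { origin: "https://app.example", data: "<b>hello</b>" };
const fromEvil = { origin: "https://app.example.evil.net", data: "<img src=x onerror=alert(1)>" };
const fromHttp = { origin: "http://app.example", data: "downgraded" };

console.log(handleMessage(fromApp));                  // &lt;b&gt;hello&lt;/b&gt;
console.log(handleMessage(fromEvil));                 // null
console.log(handleMessage(fromHttp));                 // null: the scheme is part of the origin
console.log(isTrustedOriginBroken(fromEvil.origin));  // true: the prefix check is bypassed
```

The allowlist holds full origins on purpose: "http://app.example" is a different origin from "https://app.example", and a handler that accepts the former lets an attacker who can interpose on plaintext traffic post into the app.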

Sanitizing HTML from share source

    var StandardDataFormats = Windows.ApplicationModel.DataTransfer.StandardDataFormats;
    var HtmlFormatHelper = Windows.ApplicationModel.DataTransfer.HtmlFormatHelper;
    if (shareOperation.data.contains(StandardDataFormats.html)) {
        shareOperation.data.getHtmlFormatAsync().then(function (ut_html) {   // ut_ = untrusted
            if (ut_html !== null) {
                // getStaticFragment strips script and other active content from the shared HTML
                var s_htmlFragment = HtmlFormatHelper.getStaticFragment(ut_html);   // s_ = sanitized
                var myDiv = document.getElementById("htmlContent");
                myDiv.innerHTML = s_htmlFragment;
            }
        });
    }

You can now navigate a WebView directly to saved content in your AppData directory. The origin of saved content is derived from the directory it is stored in, not from the site it came from. To preserve the same-origin policy, save HTML content from different domains to different directories.

Vulnerability: SOP violation (pseudocode)

    // Pages from two different web origins are fetched (URLs omitted in the transcript)...
    page1 = xhr("...");
    page2 = xhr("...");
    // ...and saved into the same folder
    Windows.Storage.ApplicationData.current.localFolder.createFolderAsync("MySaved");
    // save page1 and page2 content to files in the MySaved folder
    // navigate to page2.html
    myWebView.navigate("ms-appdata:///local/MySaved/page2.html");
    // Both files now share the origin derived from MySaved, so script in page2
    // can read the contents of page1, which the web's same-origin policy would have forbidden.
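One way to apply the "different domains, different directories" rule from the two slides above, as an added example that is not from the original presentation: the saved-page location is derived from the page's web origin, so two saved pages land in the same directory (and therefore the same WebView origin) only when they came from the same origin. The ms-appdata:///local/saved/<origin-directory>/<file> layout is an assumption of this example.

```javascript
// Added example (not from the original presentation). Assumed layout:
// ms-appdata:///local/saved/<origin-directory>/<file>.

// Map a web origin to a directory name. Scheme and port are part of the origin
// ("https://a.example" and "http://a.example" must not share a directory), so
// both are kept; characters that are awkward in file names are replaced.
function directoryForOrigin(pageUrl) {
  const u = new URL(pageUrl);
  const port = u.port ? "_" + u.port : "";
  return (u.protocol.replace(":", "") + "_" + u.hostname + port)
    .replace(/[^A-Za-z0-9._-]/g, "_");
}

// Build the ms-appdata URI under which the saved copy of pageUrl is stored.
// The file name is restricted so a caller cannot escape the origin directory.
function savedPageUri(pageUrl, fileName) {
  if (!/^[A-Za-z0-9._-]+$/.test(fileName) || fileName.startsWith(".")) {
    throw new Error("unsafe file name: " + fileName);
  }
  return "ms-appdata:///local/saved/" + directoryForOrigin(pageUrl) + "/" + fileName;
}

// Two saved pages are same-origin inside the WebView exactly when they share a directory.
function savedPagesShareOrigin(urlA, urlB) {
  return directoryForOrigin(urlA) === directoryForOrigin(urlB);
}

// Constructed sample URLs (not real sites).
const page1 = "https://news.example/article?id=1";
const page2 = "https://ads.example/widget.html";
const page3 = "http://news.example/index.html";

console.log(savedPageUri(page1, "page1.html"));     // ms-appdata:///local/saved/https_news.example/page1.html
console.log(savedPageUri(page2, "page2.html"));     // ms-appdata:///local/saved/https_ads.example/page2.html
console.log(savedPagesShareOrigin(page1, page2));   // false: different hosts, different directories
console.log(savedPagesShareOrigin(page1, page3));   // false: same host, different scheme
```

With this layout the MySaved scenario cannot arise: page1.html and page2.html from different sites are written under different directories, and navigating the WebView to one of them gives its script no access to the other.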

Custom certificate in the app manifest

Encrypt sensitive data using the WinRT API Windows.Security.Cryptography.DataProtection. Use XDomainRequest instead of XHR when cookies are not needed: XDomainRequest never sends cookies or other credentials, so the request cannot carry the user's ambient authentication to another site. See the MSDN documentation and the links in the resources for more details.