Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson.

Published byCuthbert Gallagher Modified over 9 years ago

Similar presentations

Presentation on theme: "Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson."— Presentation transcript:

1 Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson

2 Lab 3 Goals Learn what cookies are Learn about Cross-Site Scripting Attacks Learn what it means to steal cookie information Get hands on experience with a web browser vulnerability

3 What are cookies? Nope, not the kind you eat! ;) The Kind that track you like a creepy stalker! Cookies are data stored in a web browser There many different “types” of cookies: Session, Persistent/Tracking Persistent cookies are cookies that will outlast user sessions and are used for a variety of reasons Zombie Cookies that recreate themselves Cookies identify who you are to a website The website stores this information (like your username and password) to help provide you with the pages you view They can be used to keep track and keep records of users browsing histories and activity

4 …. Are they Good or Bad? Cookies can be tracked by third-parties and are used by advertising companies to track users across multiple sites and pages. For example, in 2002 the CIA was leaving persistent cookies on computers who were visiting their sites. In 2005, The NSA has also left persistent cookies from a software upgrade. RFC 2965 specifies that browsers should protect user privacy and not allow third-party cookies by DEFAULT. BUT most browsers ALLOW these third-party cookies by default. It is allowed because browsers and the third-party website has it stated in their Policies and agreements For instance, Do you think Facebook should have the right to track your Google searches? Or any online activity?

5 Cross-site Scripting Attacks/XSS These vulnerabilities would occur in the server- side code They are vulnerabilities in Web Applications XSS injects client-side script into web pages There are different kinds of XSS attacks, but Lab 3 deals with cookie stealing through XSS The injected code Steals a cookie that should be only exchanged between the server/client and is sent to another party

6 We will be using these Webhacking.zip Files malURL.htm Redirectpage.htm Setgetcookie.htm Stealcookie.php Log.txt

7 Lab 3 Process 1.User first opens setgetcookie.htm on vulnerable site 2.Sets cookie 3.Attacker sends malURL.htm to user with malicious URLs in it 4.Clicking on them redirects user to redirectpage.htm 5.redirectpage.htm has script embedded in a html tag 6.Script inputs the document’s cookie to stealcookie.php on attacker’s site 7.Stealcookie.php logs the cookie on attacker’s site

8 setgetcookie.htm

9 malURL.htm

10 Hovering over each link with your cursor shows two different destinations. One is more deceiving and more likely to be opened/clicked on

11 Second Link: redirectpage.htm redirects to stealcookie.php <?php $f = fopen("log.txt","a"); $cookie = "\n".$_GET['username']."\n"; fwrite($f, $cookie); fclose($f); ?>

12 Log.txt Stealcookie.php file stores the cookie into the log.txt file BAM!!! You’re HACKED!

13 Today: Changes and Threats Lab 3 is only an example of the general process of XSS cookie stealing and would not work in real world because of an increase in the web browsing security. Modern browsers are more sophisticated now and don’t relocate to new sites without permission and they filter out scripts from links But hackers come up new ways around these features EVERYDAY Which is why it is so important to update all of your software regularly. Examples of cookie stealing: Malicious links through instant messengers, emails, spam, Facebook, disguised websites, disguised links Web browsing and clicking on malicious links Injected sophisticated scripting code to trick users

14 Real World Cookie Stealing Example Facebook cookie stealing Example: You can capture packets using a free network packet analyzer This is where you can Find a “cookie” over an internet connection You’ll need other applications as well like Firefox, greasemonkey, and cookieinjector script This example gives you access to their account but doesn’t give you their credentials Only works if Facebook connection is HTTP Prevented by using HTTPS which you can enable in your Browser under Account Settings>Security

15 Preventing cookie stealing Using HTTPS encrypts and protects Web Vulnerability Scanners Choosing to “Remember Me” uses Google uses similar cookies for its services Detecting suspicious activity on server side Requiring Re-authentication Cookies are browser specific Browser Fingerprint Change Browser Settings to tell websites not to track you

16 Any Questions?

Download ppt "Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson."

Similar presentations

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.
ForceHTTPS: Protecting High-Security Web Sites from Network Attacks Collin Jackson and Adam Barth.

ForceHTTPS: Protecting High-Security Web Sites from Network Attacks Collin Jackson and Adam Barth.
WEB BROWSER SECURITY By Robert Sellers Brian Bauer.

WEB BROWSER SECURITY By Robert Sellers Brian Bauer.
Workshop 6: SSL/TLS The HTTPS stripping attacks Zhou Peng and Daoyuan Wu 25 April 2014.

Workshop 6: SSL/TLS The HTTPS stripping attacks Zhou Peng and Daoyuan Wu 25 April 2014.
Cross Site Scripting a.k.a. XSS Szymon Siewior. Disclaimer Everything that will be shown, was created for strictly educational purposes. You may reuse.

Cross Site Scripting a.k.a. XSS Szymon Siewior. Disclaimer Everything that will be shown, was created for strictly educational purposes. You may reuse.
COMP 321 Week 12. Overview Web Application Security  Authentication  Authorization  Confidentiality Cross-Site Scripting Lab 12-1 Introduction.

COMP 321 Week 12. Overview Web Application Security  Authentication  Authorization  Confidentiality Cross-Site Scripting Lab 12-1 Introduction.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.
Unit 12 Using the Internet & Browsing the Web.  Understand the difference between the Internet and the World Wide Web  Identify items on a web page.

Unit 12 Using the Internet & Browsing the Web.  Understand the difference between the Internet and the World Wide Web  Identify items on a web page.
IDAsec copyright - all rights reserved1 Web Vulnerabilities in the real world.

IDAsec copyright - all rights reserved1 Web Vulnerabilities in the real world.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
WEB SECURITY WORKSHOP TEXSAW 2013 Presented by Joshua Hammond Prepared by Scott Hand.

WEB SECURITY WORKSHOP TEXSAW 2013 Presented by Joshua Hammond Prepared by Scott Hand.
 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.

 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
Internet safety By Lydia Snowden.

Internet safety By Lydia Snowden.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
The World-Wide Web. Why we care? How much of your personal info was released to the Internet each time you view a Web page? How much of your personal.

The World-Wide Web. Why we care? How much of your personal info was released to the Internet each time you view a Web page? How much of your personal.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Cosc 4765 Server side Web security. Web security issues From Cenzic Vulnerability report 2014 https://info.cenzic.com/2013-Application-Security-Trends-Report.html.

Cosc 4765 Server side Web security. Web security issues From Cenzic Vulnerability report
Cross-Site Scripting Vulnerabilities Adam Doupé 11/24/2014.

Cross-Site Scripting Vulnerabilities Adam Doupé 11/24/2014.

Similar presentations

Ads by Google