PARTS:
Part 1
Part 2
Part 3
Part 4
Part 5
Part 6
Part 7
Part 8
Part 9
Part 10
Part 11
Part 12
Part 13
Part 14
Part 15
Part 16
Part 17
Part 18
Part 19
Part 20
WHAT'S HOT
Rich Cannings, Himanshu Dwivedi, Zane Lackey, and Alex Stamos
"Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions"
0
And suppose the server responded with this:
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Apache
Cookie: blah=USERINPUT1; domain=somewhere.com;
Content-Length: 502
Hello USERINPUT2
click me
click me 2
Each user input can potentially be exploited in many ways. We now present a few
ways to attempt to inject HTML with each user input.
USERINPUT1 is placed in the cookie HTTP header. If an attacker can inject semicolons
(;) into USERINPUT1, then the attacker can fiddle with the cookie??™s security controls
and possibly other parts of the cookie. If an attacker can inject new lines (\n, URL
encoded value %0d) and/or new lines and carriage returns (\r\n, URL encoded value
%0a%0d), then the attacker can add HTTP headers and add HTML.
Pages:
88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112
And suppose the server responded with this:
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Apache
Cookie: blah=USERINPUT1; domain=somewhere.com;
Content-Length: 502
click me
click me 2
some paragraph
Each user input can potentially be exploited in many ways. We now present a few
ways to attempt to inject HTML with each user input.
USERINPUT1 is placed in the cookie HTTP header. If an attacker can inject semicolons
(;) into USERINPUT1, then the attacker can fiddle with the cookie??™s security controls
and possibly other parts of the cookie. If an attacker can inject new lines (\n, URL
encoded value %0d) and/or new lines and carriage returns (\r\n, URL encoded value
%0a%0d), then the attacker can add HTTP headers and add HTML.
Pages:
88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112