This information is useful when performing later attacks such
as CSRF, in which the attacker forces the administrator to perform an action using the
administrative methods that have been previously discovered.
Migration exposures are an interesting class of vulnerability that arise in Web 2.0
applications that have been upgraded from Web 1.0 applications. Unlike other
vulnerabilities in which a specific hole in the application is sought by the attacker,
migration exposures target application functionality that was previously hidden from
users but is now exposed. These issues arise when developers are not explicitly aware of
what functionality an AJAX framework is going to expose to users after a migration.
Attackers can use the JavaScript sent down by the server before authentication takes
place, which describes the full functionality of the application, to look for common
exposure classes such as internal methods, debug functionality, and hidden URLs.
Developers must be alert during a Web 2.0 migration to ensure that only methods
that should truly be public are exposed to clients and anything dealing with internal
functionality remains hidden. Additionally, once a Web 2.
Pages:
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353