Tuesday 12 September 2017

JavaScript Security Awareness - BlueClosure

1. Introduction


With a biweekly publication schedule we are going to cover as much of the JavaScript security topic as possible. We'll talk about the threats that vulnerable JavaScript code can lead to, the detection techniques and some real-world scenarios.

The logical line we will follow starts from the "beginning", with the simplest possible exploitation and attack, and builds on that to cover increasingly difficult attacks. Along the way we'll show the main source-to-sink tainting techniques, covering all the kinds of attack documented by the OWASP Testing Guide in its Client Side Testing chapter. The purpose of JavaScript Security Awareness is to show users how easy it is to find vulnerable JavaScript, and how and when an issue can occur.

Furthermore, we want to present an all-new tool, BlueClosure, that automates the security analysis of JavaScript.

The structure of each article is the following: introduction to a vulnerability (a security issue), explanation and detection of the vulnerability with BlueClosure and, at the end, a real-world scenario where that particular vulnerability caused a security breach. We have decided to start with DOM XSS because it is a very important issue: XSS is listed in the OWASP Top 10, which describes it as the most prevalent web application security flaw.



1.1 Introduction to DOM Based XSS


DOM Based XSS is an attack wherein the attack payload is executed as a result of modifying the DOM “environment” in the victim’s browser used by the original client side script, so that the client side code runs in an “unexpected” manner.


That is, the page itself (the HTTP response that is) does not change, but the client side code contained in the page executes differently due to the malicious modifications that have occurred in the DOM environment.

This is in contrast to other XSS attacks (Stored or Reflected), wherein the attack payload is placed in the response page (due to a server side flaw).

In the OWASP code example this section is based on, neither document.location.href nor document.write is malicious in itself, and neither is the rest of the code.

document.location.href is a source (its value is controlled by whoever crafts the URL) and document.write is a sink (it parses whatever it receives as HTML). Each behaves legitimately on its own; the vulnerability is that tainted input flows from the source into the sink unchanged.
Indeed, with the following URL it is possible to exploit a DOM XSS:

      http://www.example.tld/page.html?lang=<script>alert(document.cookie)</script>

When the victim clicks on this link, the browser sends a request for:

    /page.html?lang=<script>alert(document.cookie)</script>

to www.example.tld. The server responds with the page containing the original, unchanged JavaScript code. The browser creates a DOM object for the page, in which the document.location object contains the string:

       http://www.example.tld/page.html?lang=<script>alert(document.cookie)</script> 

The original JavaScript code in the page does not expect the "lang" parameter to contain HTML markup, so at runtime it simply echoes the parameter into the page (DOM).
The browser then parses the resulting markup and executes the attacker's script:

    alert(document.cookie)

Note that the HTTP response sent from the server does not contain the attacker's payload (the request does carry it in the query string; a payload placed after a "#" would not even leave the browser).
The payload only manifests itself client-side, at runtime, when the flawed script reads the DOM variable "document.location" and assumes its content is benign.

One practical caveat: current browsers percent-encode characters such as "<" and ">" in document.location.href, so this exact URL often reaches the script as "%3Cscript%3E..." rather than as raw markup. The flaw is still exploitable whenever the page decodes the value (for example with decodeURIComponent or unescape) before writing it, which is why an analysis has to follow the data through such decoding steps rather than only look at the URL.
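The pattern walked through above, as an added example that is not code from the original article or from OWASP. It is JavaScript written to run under Node rather than in a browser: `makeDocument` is a constructed stand-in for the DOM that records what reaches the document.write sink instead of rendering it, the vulnerable function echoes "lang" exactly as the text describes, and the hardened function shows the two controls a reviewer would ask for (an allow-list plus HTML encoding). The language list is an assumption about the hypothetical application.

```javascript
// Added example, not code from the BlueClosure article: the DOM XSS pattern
// from the walkthrough, runnable under Node. `makeDocument` is a constructed
// stand-in for the browser DOM that records what reaches the document.write
// sink; the language allow-list is an assumption about the hypothetical app.

function makeDocument(href) {
  const written = [];
  return {
    location: { href },                       // source: attacker-controlled URL
    write(markup) { written.push(markup); },  // sink: parsed as HTML in a browser
    written,
  };
}

// Vulnerable page logic: the "lang" query parameter is copied straight from
// the URL into markup. The server never echoes the payload; it only appears
// when this script runs in the victim's browser.
function renderVulnerable(doc) {
  const href = doc.location.href;
  const idx = href.indexOf("lang=");
  const lang = idx === -1 ? "en" : href.substring(idx + "lang=".length);
  doc.write('<option value="' + lang + '">' + lang + "</option>");
  return doc.written.join("");
}

// Hardened variant: parse the URL properly, reduce "lang" to an allow-listed
// value, and HTML-encode whatever is still interpolated into markup.
const SUPPORTED_LANGS = new Set(["en", "fr", "it", "de"]); // assumed app languages

function htmlEncode(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

function renderHardened(doc) {
  const requested = new URL(doc.location.href).searchParams.get("lang") || "en";
  const lang = SUPPORTED_LANGS.has(requested) ? requested : "en";
  // Encoding is kept as defence in depth even though the allow-list already
  // guarantees a safe value.
  doc.write('<option value="' + htmlEncode(lang) + '">' + htmlEncode(lang) + "</option>");
  return doc.written.join("");
}

// Minimal check for the walkthrough: did raw script markup reach the sink?
function containsScriptTag(markup) {
  return /<script\b/i.test(markup);
}

// Constructed attacker URL with the same shape as the one in the text.
const PAYLOAD_URL =
  "http://www.example.tld/page.html?lang=<script>alert(document.cookie)</script>";

console.log("vulnerable sink received:", renderVulnerable(makeDocument(PAYLOAD_URL)));
console.log("hardened sink received:  ", renderHardened(makeDocument(PAYLOAD_URL)));
```

Two details worth noticing when reading the output. First, the vulnerable version puts the payload both inside an attribute and inside element content, so an attacker has two contexts to break out of; encoding must cover both. Second, the allow-list is what actually removes the risk here: the value written to the sink is no longer attacker-chosen at all, and the encoding only guards against a future change that widens the set of accepted values.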


2. BlueClosure in a Nutshell (a brief introduction to BC functionality)


The BlueClosure platform provides what is needed to analyse JavaScript in real time (that is, while browsing the selected web target) and to search for possible vulnerabilities such as HTML Injection, JS Execution, HTTP Parameter Pollution and others.

The main features of BlueClosure are:

  • JS Frameworks support: BlueClosure can analyse any codebase written with JavaScript frameworks such as Angular.js, jQuery, Meteor.js, React.js and many more.
  • Realtime Dynamic Data Tainting: BlueClosure uses a proprietary JavaScript instrumentation engine to follow data at runtime rather than reading the source statically, so the BC engine can inspect code regardless of how heavily it is obfuscated.
  • Scanning Automation: BlueClosure can automatically crawl and scan an entire website, interacting with pages as a tester would in their browser. This is the fastest way to analyse large enterprise portals with rich JavaScript content.
  • Near-Zero False Positives: data validation and context awareness make the dynamic runtime tainting model on strings more precise, because the engine determines whether a client-side finding is actually exploitable rather than only whether tainted data reached a sink.

BlueClosure reports the results of its real-time analysis as Findings, categorised as Alerts, Warnings and Infos. From each finding the user can quickly reach the related vulnerability details and trace, step by step, the operations that led to its identification.

The following example (screenshot) shows an issue identified by the BlueClosure engine:

As the screenshot shows, BlueClosure indicates the main vulnerability information: the Typology, the Source and the Sink (that is, the taint propagation path) that led to malicious code execution, together with the user-controlled Value (in this case, HTML data).


The user can access more detailed information by clicking the Link in the vulnerability box, which adds two more boxes:

  • The first box describes the History of the vulnerability: the user-controllable value, whether the vulnerability is Exploitable, whether the data is Encoded or Not Encoded, and, by clicking Show operations, the list of JavaScript operations that led from the source to the sink;
  • The second box, Vulnerable Code, shows the user the part of the page's code that was executed with the tainted value at the sink.

The following screenshot shows the History and Vulnerable Code boxes for the HTML Injection vulnerability described above:
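To make the structure of such a finding concrete, here is an added example, not BlueClosure's code (the engine's instrumentation is proprietary and not shown on this page): a minimal dynamic string-tainting model in JavaScript that produces findings with the same fields the boxes describe (Typology, Source, Sink, Value, Encoded / Not Encoded, Exploitable and the operation History). The sink table, the exploitability rules and the page logic being analysed are assumptions made for this illustration, and the analysed logic is the "lang" echo from section 1.1.

```javascript
// Added example, not BlueClosure's engine: a minimal dynamic string-tainting
// model. The sink table, exploitability rules and analysed page logic are
// assumptions for the illustration.

// A tainted string remembers its source and every operation applied to it,
// plus whether an encoding step has neutralised HTML metacharacters.
class Tainted {
  constructor(value, source, history = [], encoded = false) {
    this.value = value;
    this.source = source;
    this.history = history;
    this.encoded = encoded;
  }
  // Propagation: string operations keep the taint and extend the history.
  substring(start, end) {
    const op = end === undefined ? `substring(${start})` : `substring(${start}, ${end})`;
    return new Tainted(this.value.substring(start, end), this.source, [...this.history, op], this.encoded);
  }
  // Data validation the model understands: HTML encoding makes the value safe
  // for an HTML context (and only for that context).
  htmlEncode() {
    const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
    const v = this.value.replace(/[&<>"']/g, (c) => map[c]);
    return new Tainted(v, this.source, [...this.history, "htmlEncode()"], true);
  }
}

// Concatenating literals with tainted parts: the result is tainted if any
// part is, and counts as encoded only if every tainted part is.
function join(...parts) {
  const text = parts.map((p) => (p instanceof Tainted ? p.value : String(p))).join("");
  const tainted = parts.filter((p) => p instanceof Tainted);
  if (tainted.length === 0) return text;
  const op = `concat(${parts.map((p) => (p instanceof Tainted ? "<tainted>" : JSON.stringify(p))).join(", ")})`;
  return new Tainted(text, tainted[0].source, [...tainted[0].history, op], tainted.every((t) => t.encoded));
}

// Source: the attacker-controlled URL.
function taintedLocationHref(href) {
  return new Tainted(href, "document.location.href");
}

// Context-aware sinks: the same tainted value can be harmless in one sink and
// exploitable in another.
const SINKS = {
  "document.write": {
    typology: "HTML Injection",
    exploitable: (t) => !t.encoded && /[<>"']/.test(t.value),
  },
  eval: {
    typology: "JS Execution",
    // HTML encoding is the wrong defence for a JavaScript context, so any
    // attacker-controlled input reaching eval is reported as exploitable.
    exploitable: () => true,
  },
};

// A sink receiving clean data reports nothing; tainted data becomes a finding.
function checkSink(sinkName, value, findings) {
  if (!(value instanceof Tainted)) return;
  const sink = SINKS[sinkName];
  findings.push({
    typology: sink.typology,
    source: value.source,
    sink: sinkName,
    value: value.value,
    encoded: value.encoded,
    exploitable: sink.exploitable(value),
    history: value.history,
  });
}

// The "lang" echo from the DOM XSS walkthrough, executed under the taint
// model. With encode=true the page HTML-encodes "lang" before writing it.
function analysePage(href, { encode = false } = {}) {
  const findings = [];
  const full = taintedLocationHref(href);
  const idx = full.value.indexOf("lang=");
  if (idx === -1) return findings; // no parameter: the page writes a literal default
  let lang = full.substring(idx + "lang=".length);
  if (encode) lang = lang.htmlEncode();
  checkSink("document.write", join("<option>", lang, "</option>"), findings);
  checkSink("eval", join("setLang('", lang, "')"), findings);
  checkSink("document.write", "<option>English</option>", findings); // literal: no finding
  return findings;
}

// Constructed attacker URL, same shape as in the walkthrough.
const PAYLOAD_URL =
  "http://www.example.tld/page.html?lang=<script>alert(document.cookie)</script>";

for (const f of analysePage(PAYLOAD_URL)) {
  console.log(`${f.typology}: ${f.source} -> ${f.sink}, encoded=${f.encoded}, exploitable=${f.exploitable}`);
  console.log("  history:", f.history.join(" -> "));
}
```

Running it with the payload URL from section 1.1 yields two findings: the document.write sink is reported as exploitable HTML Injection, and the eval sink as JS Execution. With encode=true the HTML Injection finding is still recorded (tainted data does reach the sink) but marked Encoded and not exploitable, while the eval finding stays exploitable because HTML encoding is the wrong defence for a JavaScript context. That context awareness, rather than simply flagging every source-to-sink flow, is what keeps a tainting analysis from drowning the tester in false positives.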




67 comments :

  9. The greatest protection against common JavaScript security flaws is to be aware of them and put appropriate safeguards in place.

  17. JavaScript Security Awareness is an important concept for any developer to understand in order to ensure their applications are secure. By understanding the potential security risks associated with JavaScript, developers can make sure their applications are properly secured and protected from malicious actors.

  18. It's great to see organizations like Blue Closure emphasizing the importance of JavaScript security awareness. With the increasing prevalence of cyber threats, it's crucial for developers and businesses to prioritize security in their web applications.

  21. Staying on top of JavaScript security is crucial in today's digital landscape. Thanks for the reminder, BlueClosure!