HTML5 Messaging (Post Message)

Learn the basic concept of HTTP Post Message and Attack Scenario by Parth Jankharia.


  1. HTML5 Messaging (postMessage) By - Parth Jhankharia Date - 14/5/2020
  2. ~$whoami ● Security Analyst ● Twitter @Aee_Parth
  3. postMessage-Overview ● Working ● Exploitation ● Remediation ● References
  4. postMessage Supported Browsers From:- https://caniuse.com/#search=postMessage
  5. postMessage? ● Controlled mechanism to circumvent SOP. ● Dispatches “Message Event”. ● Type (Always “message”). ● Data (User Supplied). ● Origin (Origin of the window calling). ● Source (window Calling).
  6. Same Origin Policy ● Port ● Protocol ● Host
  7. Same Origin Policy https://net-square.com/ https://net-square.com/whateva/
  8. Same Origin Policy https://net-square.com/ https://subdomain.netsquare.com/
  9. Same Origin Policy https://net-square.com/ https://net-square.com:1337/
  10. Same Origin Policy https://net-square.com/ http://net-square.com/
  11. postMessage? ● Syntax window.postMessage(message, targetOrigin [, ports]) ● Example window.postMessage("msg-here", "*")
  12. postMessage Working Via:- https://medium.com/javascript-in-plain-english/javascript-and-window-postmessage-a60c8f6adea9
  13. postMessage Demo
  14. postMessage Attacks ● XSS ● Information leakage.
  15. postMessage Xss ● No origin validation on the target. ● Attacker crafts a malicious page having an xss payload ● Sending the payload from attacker’s domain. ● XSS’ed.
  16. postMessage Xss Via:- https://github.com/shurmajee/postmessage-vulnerability-demo
  17. postMessage Xss Demo
  18. So How Do We Fix It?
  19. So How Do We Fix It?
  20. So How Do We Fix It? ● You have to check the origin.
  21. So How Do We Fix It? ● You HAVE to check the origin.
  22. So How Do We Fix It? ● You HAVE to check the origin. ● CORRECTLY
  23. postMessage Origin Via:- https://github.com/shurmajee/postmessage-vulnerability-demo
  24. postMessage Origin Demo
  25. Incorrect Origin Checks
  26. Reference ● https://www.slideshare.net/LukasKlein1/attacking-and-defending-html5-postmessage-in-mobile-websites ● https://www.slideshare.net/mitchbox/ltiframe-communication-in-javascript ● https://github.com/shurmajee/postmessage-vulnerability-demo ● https://medium.com/javascript-in-plain-english/javascript-and-window-postmessage-a60c8f6adea9 ● https://www.cs.utexas.edu/~shmat/shmat_ndss13postman.pdf
  27. Resources ● https://www.slideshare.net/danwrong/building-anywhere-for-txjs ● https://www.slideshare.net/tomasperezv/sandboxed-platform ● https://public-firing-range.appspot.com/dom/index.html ● https://www.slideshare.net/peterlubbers/html5-realtime-and-connectivity ● https://www.youtube.com/watch?v=FTeE3OrTNoA&t=862s
  28. More Resources
  29. Questions/Thoughts/Feedback?
  30. Thank You!
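The slides say to check the origin, and to check it correctly, but the transcript does not show the check itself. The following is an added example, not code from the slides or from the linked demo repository: it compares two loose origin checks with an exact-match check on the receiving side. Function names, the `output` element id and the sample origins are constructed for illustration.

```javascript
// Added example: constructed origins, hypothetical function names.
const TRUSTED_ORIGINS = new Set(["https://net-square.com"]);

// Incorrect: substring match accepts any origin that merely contains the name.
function substringCheck(origin) {
  return origin.indexOf("net-square.com") !== -1;
}

// Incorrect: unanchored end and unescaped "." accept look-alike hosts.
function looseRegexCheck(origin) {
  return /^https:\/\/net-square.com/.test(origin);
}

// Correct: exact comparison of the full origin (scheme + host + port).
function strictCheck(origin) {
  return TRUSTED_ORIGINS.has(origin);
}

// Builds a "message" listener that drops events failing the origin check.
function makeReceiver(isTrusted, sink) {
  return function onMessage(event) {
    if (!isTrusted(event.origin)) return false; // reject untrusted sender
    if (typeof event.data !== "string") return false; // reject unexpected shape
    sink(event.data); // in a page, write with textContent, never innerHTML
    return true;
  };
}

// Constructed sample origins, in the form browsers report in event.origin.
const SAMPLE_ORIGINS = [
  "https://net-square.com",
  "http://net-square.com",
  "https://net-square.com:1337",
  "https://subdomain.net-square.com",
  "https://net-square.com.attacker.example",
  "https://net-squarescom.example",
];

// Returns the sample origins a given check would accept.
function acceptedBy(check) {
  return SAMPLE_ORIGINS.filter(check);
}

if (typeof window !== "undefined") {
  const out = document.getElementById("output"); // hypothetical element id
  window.addEventListener("message",
    makeReceiver(strictCheck, (text) => { out.textContent = text; }));
}
```

Only the exact-match check rejects every origin that differs in protocol, port or host, which are the three components listed on the Same Origin Policy slides. On the sending side, passing the receiver's exact origin as `targetOrigin` instead of `"*"` keeps the message from being delivered to an unexpected window.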
