The Hidden XSS Attacking the Desktop & Mobile Platforms – Slides & Video
Posted by Kos on 10/09/2011 at 10:12 pm | Last modified: 11/08/2011 6:08 pm
A few weeks ago (October 2nd) I was in Louisville, Kentucky, giving a talk at Derbycon. I also gave the same talk in San Diego (October 9th) at Toorcon 13. It’s a much expanded version of a talk I did back in June at Toorcon Seattle, “XSS Without the Browser”.
Slides are below, and video is after the break. The slides are a bit different from the video: I modified, reordered, and added a few slides, and also included a new Google application vulnerability.
The code is currently available at : http://kos.io/xsspwn/
A few notes I want to add about this video:
- At roughly 41:30, when I send myself an email, it just so happened that early that morning Google rolled out a server-side fix (notice the unread email which was received at 2:27AM, thanks Google (; ), which broke my first attempt at the demo. Fortunately, I had the local offline email database to rely on for that demo to work.
- I said “CORS” a little before the 5-minute mark; I actually meant Same Origin Policy.
- I said something along the lines of “file:// as specified in the RFC”. While it’s technically true, since I was speaking about the Origin Policy, it should be noted that the file:/// rules in the RFC are a little fuzzy. WebKit by standard allows file:///, Chrome denies access to file:/// altogether, and Firefox only lets file:/// access the subdirectories. I have no clue what Trident (IE) and Opera do.
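To make the CORS-versus-Same-Origin-Policy distinction from the notes above concrete, here is an added example (not code from the talk or from the xsspwn repository) that models the origin tuple the Same Origin Policy compares and the separate, server opt-in relaxation that CORS adds on top of it. The hostnames, the header values and the choice to treat file: as an opaque origin that the model refuses to decide are assumptions for illustration; the real file:/// behaviour stays browser-specific, as the notes say.

```javascript
// Added example, not code from the talk or the xsspwn repository.
// Models the Same Origin Policy (SOP) origin tuple and the separate,
// server-side opt-in that CORS adds. Run with: node sop_vs_cors.js

const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

// The tuple the SOP compares: scheme, host and (explicit or default) port.
// Returns null for schemes whose origin is opaque, such as file:, where the
// rule is user-agent specific (the notes above list how WebKit, Chrome and
// Firefox differ), so no single answer is modelled here.
function originOf(urlString) {
  const u = new URL(urlString);
  if (!(u.protocol in DEFAULT_PORTS)) return null;
  return { scheme: u.protocol, host: u.hostname, port: u.port || DEFAULT_PORTS[u.protocol] };
}

// Serialise a tuple to the form used in Origin / Access-Control-Allow-Origin
// headers (default ports are omitted, as browsers do).
function serializeOrigin(o) {
  const port = o.port === DEFAULT_PORTS[o.scheme] ? "" : ":" + o.port;
  return `${o.scheme}//${o.host}${port}`;
}

// SOP: may script running in `from` read a response fetched from `to`?
// true/false from the tuples alone; null when either origin is opaque.
function sameOrigin(from, to) {
  const a = originOf(from);
  const b = originOf(to);
  if (a === null || b === null) return null;
  return a.scheme === b.scheme && a.host === b.host && a.port === b.port;
}

// CORS does not replace the SOP; it lets the *server* at `to` relax it for a
// named requesting origin (or "*"). Header names are looked up lower-case.
function corsAllowsRead(from, to, responseHeaders) {
  if (sameOrigin(from, to) === true) return true; // SOP already permits the read
  const acao = responseHeaders["access-control-allow-origin"];
  if (acao === undefined) return false;           // no opt-in: the SOP blocks the read
  if (acao === "*") return true;
  const requester = originOf(from);
  return requester !== null && acao === serializeOrigin(requester);
}

// Constructed sample inputs (hostnames and header values are illustrative only).
const CASES = [
  ["https://mail.example.com/inbox", "https://mail.example.com/api", {}],
  ["https://mail.example.com/inbox", "https://mail.example.com:8443/api", {}],
  ["http://mail.example.com/inbox", "https://mail.example.com/api", {}],
  ["https://attacker.example/", "https://api.example.com/data",
    { "access-control-allow-origin": "https://attacker.example" }],
  ["file:///tmp/page.html", "file:///tmp/secret.txt", {}],
];

for (const [from, to, headers] of CASES) {
  console.log(`${from} -> ${to}: SOP=${sameOrigin(from, to)} CORS-readable=${corsAllowsRead(from, to, headers)}`);
}
```

The point of the split is that `sameOrigin` is decided entirely by the two tuples, while `corsAllowsRead` only ever widens that answer and only when the responding server says so; the file: case returns null rather than guessing, because that is exactly where the browsers disagree.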
Comments (7)
[...] today’s TakeDownCon security conference in Las Vegas, researcher Kyle Osborn will present some examples of cross-site scripting attacks that he and colleagues have discovered [...]
[...] A version of Osborn’s talk is available online. [...]
[...] also made an interesting discovery in the Gmail application for Android. He found an XSS flaw in Gmail.app that would allow a hacker to forcefully download a certain file and then [...]