0x0e.org | pentesting perspective

braindump on pentesting, QA, metasploit, constant learning

Top Web Hacking Techniques of 2008


Jeremiah Grossman & co’s “Top Web Hacking Techniques of 2008” have been released. Go check’m out, update your own techniques, and add anything they might have missed (I can’t think of any…).

Some of my favorites:

  • Cross-Site Printing – By using only JavaScript, an Internet web site can remotely print to an internal network based printer by doing an HTTP POST. Handy for sending anonymous notes when your neighbor just won’t shut up.
  • GIFARS – These files could be uploaded to sites that allow image uploading (such as many sites’ member photos), to run code in the context of that site – getting around the “same origin policy” that browsers impose. Handy for spl0iting forums.
  • SQL Column Truncation – Interesting technique that j0e brought to my attention. Good for spl0iting your friendly neighborhood MySQL app.
  • Cross-Environment Hopping – to be honest, i haven’t read the whole post here, but i think i’ve always wanted to cross-hop someone. sue me. (this is a REALLY nice explanation of current same-origin issues & how to utilize different IE / Firefox components to take advantage of variations in implementation, for what it’s worth).
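
For anyone running an image-upload endpoint, here is an upload-side check for the GIFARS item above. It is an added example, not code from the original post or the linked research, and it assumes the GIF-plus-JAR layout the name refers to; the function names and sample bytes are constructed for illustration.

```python
import io
import zipfile

GIF_MAGICS = (b"GIF87a", b"GIF89a")


def classify_upload(data: bytes) -> str:
    """Return 'not-gif', 'gif' or 'gif+archive' for an uploaded file body."""
    if not data.startswith(GIF_MAGICS):
        return "not-gif"
    # A magic-byte check alone passes such a file: image parsers read from the
    # front, while ZIP/JAR readers locate the end-of-central-directory record
    # from the END of the data, so both can accept the same bytes.
    if zipfile.is_zipfile(io.BytesIO(data)):
        return "gif+archive"
    return "gif"


def archive_members(data: bytes) -> list:
    """List entries of an archive found inside an upload (for the reject log)."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return zf.namelist()


# Constructed sample inputs: a GIF header stub (not a renderable image) ...
PLAIN_GIF = b"GIF89a" + b"\x01\x00\x01\x00\x00\x00\x00" + b"\x00" * 32 + b";"


def make_gif_with_archive() -> bytes:
    """... and the same stub followed by a ZIP holding only a manifest text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
    return PLAIN_GIF + buf.getvalue()


if __name__ == "__main__":
    for name, body in (("avatar.gif", PLAIN_GIF),
                       ("avatar2.gif", make_gif_with_archive())):
        verdict = classify_upload(body)
        extra = archive_members(body) if verdict == "gif+archive" else ""
        print(name, verdict, extra)
```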

Note to self: Don’t spend 45 mins trying to figure out how to unlink a word in ScribeFire. Entire linked paragraphs are /okay/ if it’s going to destroy your productivity (and your non-existent social life).


Written by jcran

January 27, 2009 at 4:30 AM

Posted in Uncategorized
