Monday, July 20, 2009

Passed the GPEN!

Just wanted to share that I passed the GPEN exam! Got a 90%. It was one of those exams that showed you your progress. This was a blessing and curse. It was nice to know I passed after getting 105 questions correct, but since I knew I passed at that time, it was easy to slack off toward the end and I missed a number of questions because of it.

I put in my application for my GPEN gold. The paper title is: "Identifying Load Balancers in Penetration Testing". The application was approved. I will begin work on the paper starting around the 10th of next month. It is a 6 month process so more to come on that. I have a lot of work ahead of me.

In the meantime, still being on track with my certification goals, I began studying for the CISSP yesterday. I hope to have it done before the year's end. (If anyone else is studying for this one as well and would like to get together online or in person to study, let me know.) That was the goal I set forth. Then in the beginning of next year I will be finishing my GPEN gold paper and starting to get ready for the GSEC towards my GSE.

Friday, July 10, 2009

XSS?

Where have you been, Curt? Well, as some of you may know, I'm getting real close to taking the GPEN certification exam. Next week, in fact! So I have been trying to study hard and keep focused. I did want to give you guys a new post, though, to assure you that I'm still here and still plan on keeping up on my musings.

Have you heard of XSRF? You might have heard it called cross-site request forgery. This is a dangerous attack vector that people can use to do all sorts of nasty things. Take, for example, this cool picture of Cookie Monster:



What picture of Cookie Monster, you might ask? You may see nothing above, or you may see a little white box with a red x in it, or a box with a ripped file inside. You see, what just happened is I executed a bit of code for your system to run. What code? Well, if you had a bank account with my bank, I would have just transferred $13000 from your account to mine :) Thanks! There are some things that would need to be in place for this to happen, though.

What I would need to do is have you look at this blog posting while you were logged into your online banking. This isn't that difficult, as a lot of people multitask. You may say "but I don't normally browse when I bank". That is fine too. I can also use this code to have you execute a command of my choosing on any site you may be logged into at the moment. How about changing your Facebook, MySpace, or eBay password so I can hijack it, for example?

Why would the other page accept this junk? The short answer is that the request rides on your cookie (or session): your browser attaches it automatically to any request it sends to that site, no matter which page caused the request. Since you authenticated to that site, it thinks you are the one making the request, so it subserviently obliges.

Why all of the bad news? Well, I want you all to be aware of the things that can happen very simply on the Internet. The good news is that websites such as your bank, eBay and others are doing all they can to help stop this. It is an uphill battle, though, so don't expect it to end completely. As long as there is crime in the world there will be people coming up with new ways to steal your information.
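To make the site's side of this concrete, here is an added example (not code from this post or from any real site) that puts a handler trusting the session cookie alone next to one that also demands a per-session anti-forgery token. The post does not say which defences these sites use, so the token scheme is an assumption, and the request dictionaries, session store and function names are all hypothetical.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # per-deployment secret (constructed)
SESSIONS = {"sess-abc123": "alice"}    # constructed session store


def csrf_token(session_id: str) -> str:
    """Token the site embeds in its own forms; bound to one session."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def transfer_weak(request: dict) -> str:
    """Trusts the session cookie alone, so any page that makes the
    browser send a request acts as the logged-in user."""
    user = SESSIONS.get(request["cookies"].get("session"))
    return f"transfer accepted for {user}" if user else "rejected: not logged in"


def transfer_hardened(request: dict) -> str:
    """Adds two checks: state changes only via POST, and only with a
    token that a third-party page cannot read or guess."""
    session_id = request["cookies"].get("session", "")
    user = SESSIONS.get(session_id)
    if user is None:
        return "rejected: not logged in"
    if request["method"] != "POST":
        return "rejected: state change requires POST"
    supplied = request["params"].get("csrf_token", "")
    if not hmac.compare_digest(supplied.encode(), csrf_token(session_id).encode()):
        return "rejected: missing or invalid CSRF token"
    return f"transfer accepted for {user}"


# Constructed requests. The browser attaches the cookie in every case.
cross_site = {"method": "GET", "cookies": {"session": "sess-abc123"},
              "params": {"amount": "13000"}}
forged_post = dict(cross_site, method="POST")
own_form = {"method": "POST", "cookies": {"session": "sess-abc123"},
            "params": {"amount": "13000", "csrf_token": csrf_token("sess-abc123")}}

if __name__ == "__main__":
    for name, req in [("cross-site image", cross_site),
                      ("cross-site POST", forged_post),
                      ("site's own form", own_form)]:
        print(f"{name:17} weak: {transfer_weak(req):29} hardened: {transfer_hardened(req)}")
```

The weak handler accepts all three requests because the cookie is present each time; the hardened one accepts only the request that carries the token the site itself issued for that session.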

How can we protect against this, Curt? Again, this is difficult to say because the dynamic changes all of the time. One thing that would help here is to turn on, or off, the setting in your browser to not allow third party images. In Firefox there is a setting you can disable called Load images automatically. IE 8 actually has a nice new feature that allows you to block third party images from a website, much like how I ran the code above. This may cause issues with your page displaying properly. I guess it's about how far you want to go. Alternately, you can choose the option to clear cache, cookies and offline content every time you close your browser. This does mean you will have to log in every time you visit those types of sites that require it. You can also close your browser and reopen it after doing online transactions and logging out of those pages. It does seem that more and more pages of this sort are providing you with that request when you log off already, which is a good thing. That clears the session, and if you are clearing your cookies and such on exit, then it takes the option away from the attacker.

Be safe on the Internet. It's not a land of milk and honey! It's a warzone where many unsuspecting people get caught in crossfires and direct attacks. You can enjoy the convenience and productivity that it brings, just be cautious. As always, if you have any further questions, let me know!