
View full version: The 10 best web hacking techniques of 2013



LUK
26-02-2014, 10:59
As it does every year, WhiteHat Security (the company founded in 2001 by Jeremiah Grossman) runs a contest for the year's best web hacking techniques.

Voting on the new and creative methods usually takes place in two phases: the first is open to the community, and in the second an (impressive) jury picks the best ones based on the results of the first.

Now, at last, we have the winners for the best techniques of 2013:

The Top 10



1. Mario Heiderich – Mutation XSS (https://www.hackinparis.com/talk-mario-heiderich)
2. Angelo Prado, Neal Harris, Yoel Gluck – BREACH (http://threatpost.com/breach-compression-attack-steals-https-secrets-in-under-30-seconds/101579)
3. Pixel Perfect Timing Attacks with HTML5 (http://contextis.co.uk/research/white-papers/pixel-perfect-timing-attacks-html5/)
4. Lucky 13 Attack (http://www.isg.rhul.ac.uk/tls/Lucky13.html)
5. Weaknesses in RC4 (http://www.isg.rhul.ac.uk/tls/)
6. Timur Yunusov and Alexey Osipov – XML Out of Band Data Retrieval (https://media.blackhat.com/eu-13/briefings/Osipov/bh-eu-13-XML-data-osipov-slides.pdf)
7. Million Browser Botnet: Video (https://www.youtube.com/watch?v=ERJmkLxGRC0), Briefing (http://blackhat.com/us-13/briefings.html#Grossman), Slideshare (http://www.slideshare.net/jeremiahgrossman/million-browser-botnet)
8. Large Scale Detection of DOM based XSS (http://ben-stock.de/wp-content/uploads/domxss.pdf)
9. Tor Hidden-Service Passive De-Cloaking (https://blog.whitehatsec.com/tor-hidden-service-passive-de-cloaking/)
10. HTML5 Hard Disk Filler™ API (http://feross.org/fill-disk/)

Full 2013 list (in no particular order):


Tor Hidden-Service Passive De-Cloaking (https://blog.whitehatsec.com/tor-hidden-service-passive-de-cloaking/)
Top 3 Proxy Issues That No One Ever Told You (https://blog.whitehatsec.com/top-3-proxy-issues-that-no-one-ever-told-you/)
Gravatar Email Enumeration in JavaScript (https://blog.whitehatsec.com/gravatar-email-enumeration-in-javascript/)
Pixel Perfect Timing Attacks with HTML5 (http://contextis.co.uk/research/white-papers/pixel-perfect-timing-attacks-html5/)
Million Browser Botnet: Video (https://www.youtube.com/watch?v=ERJmkLxGRC0), Briefing (http://blackhat.com/us-13/briefings.html#Grossman), Slideshare (http://www.slideshare.net/jeremiahgrossman/million-browser-botnet)
Auto-Complete Hack by Hiding Filled in Input Fields with CSS (https://yoast.com/research/autocompletetype.php)
Site Plagiarizes Blog Posts, Then Files DMCA Takedown on Originals (http://arstechnica.com/science/2013/02/site-plagiarizes-blog-posts-then-files-dmca-takedown-on-originals/)
The Case of the Unconventional CSRF Attack in Firefox (https://blog.whitehatsec.com/the-case-of-an-unconventional-csrf-attack-in-firefox/)
Ruby on Rails Session Termination Design Flaw (http://maverickblogging.com/logout-is-broken-by-default-ruby-on-rails-web-applications/)
HTML5 Hard Disk Filler™ API (http://feross.org/fill-disk/)
Aaron Patterson – Serialized YAML Remote Code Execution (https://groups.google.com/forum/?fromgroups=#%21topic/rubyonrails-security/KtmwSbEpzrU)
Fireeye – Arbitrary reading and writing of the JVM process (http://threatpost.com/java-zero-day-procession-continues-030113/77575)
Timothy Morgan – What You Didn’t Know About XML External Entity Attacks (https://www.youtube.com/watch?v=eHSNT8vWLfc)
Angelo Prado, Neal Harris, Yoel Gluck – BREACH (http://threatpost.com/breach-compression-attack-steals-https-secrets-in-under-30-seconds/101579)
James Bennett – Django DOS (http://threatpost.com/patches-for-django-framework-fix-dos-vulnerability/102323)
Phil Purviance – Don’t Use Linksys Routers (https://superevr.com/blog/2013/dont-use-linksys-routers/)
Mario Heiderich – Mutation XSS (https://www.hackinparis.com/talk-mario-heiderich)
Timur Yunusov and Alexey Osipov – XML Out of Band Data Retrieval (https://media.blackhat.com/eu-13/briefings/Osipov/bh-eu-13-XML-data-osipov-slides.pdf)
Carlos Munoz – Bypassing Internet Explorer’s Anti-XSS Filter (https://blog.whitehatsec.com/internet-explorer-xss-filter)
Zach Cutlip – Remote Code Execution in Netgear routers (http://threatpost.com/some-netgear-routers-open-to-remote-authentication-bypass-command-injection/102689)
Cody Collier – Exposing Verizon Wireless SMS History (http://www.tripwire.com/state-of-security/top-security-stories/verizon-wirelesss-customer-portal-exposed-text-messages/)
Compromising an unreachable Solr Server (http://www.agarri.fr/blog/)
Finding Weak Rails Security Tokens (http://averagesecurityguy.info/2013/11/08/finding-weak-rails-security-tokens/)
Ashar Javed – Attack against Facebook’s password reset process (http://slid.es/mscasharjaved/trusted-friend-attack)
Father/Daughter Team Finds Valuable Facebook Bug (http://threatpost.com/father-daughter-hacking-team-finds-valuable-facebook-bug/102877)
Hacker scans the internet (http://arstechnica.com/security/2013/03/guerilla-researcher-created-epic-botnet-to-scan-billions-of-ip-addresses/)
Eradicating DNS Rebinding with the Extended Same-Origin Policy (http://ben-stock.de/wp-content/uploads/dns-rebinding.pdf)
Large Scale Detection of DOM based XSS (http://ben-stock.de/wp-content/uploads/domxss.pdf)
Struts 2 OGNL Double Evaluation RCE (https://communities.coverity.com/blogs/security/2013/05/29/struts2-remote-code-execution-via-ognl-injection)
Lucky 13 Attack (http://www.isg.rhul.ac.uk/tls/Lucky13.html)
Weaknesses in RC4 (http://www.isg.rhul.ac.uk/tls/)


Results from previous years: 2006 (http://jeremiahgrossman.blogspot.com/2006/12/top-10-web-hacks-of-2006.html) (65), 2007 (http://jeremiahgrossman.blogspot.com/2008/01/top-ten-web-hacks-of-2007-official.html) (83), 2008 (http://jeremiahgrossman.blogspot.com/2009/02/top-ten-web-hacking-techniques-of-2008.html) (70), 2009 (http://jeremiahgrossman.blogspot.com/2010/01/top-ten-web-hacking-techniques-of-2009.html) (82), 2010 (http://jeremiahgrossman.blogspot.com/2011/01/top-ten-web-hacking-techniques-of-2010.html) (69), 2011 (https://blog.whitehatsec.com/vote-now-top-ten-web-hacking-techniques-of-2011/) (51) and 2012 (https://blog.whitehatsec.com/top-ten-web-hacking-techniques-of-2012/) (56).

More information on the 2013 voting: http://blog.whitehatsec.com/top-10-web-hacking-techniques-2013/


Source: http://www.hackplayers.com/2014/02/las-10-mejores-tecnicas-de-hacking-web-2013.html