Create an Account
username: password:
 
  MemeStreams Logo

Surf Jacking

search

Acidus
Picture of Acidus
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Acidus's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Surf Jacking
Topic: Miscellaneous 1:21 pm EDT, Aug 14, 2008

Side Jacking: When websites use HTTP I can passively monitor network traffic and see your cookies. That's just Bretarded

Surf Jacking: If developers designed an SSL site poorly, by a HIJACKING A LOWER NETWORK LAYER I can actively force your browser to reveal its cookies, even if your are using SSL. Pretty cool, but limited.

So there is a design flaw in HTTP state management that some folks might not know about: Developers, not the protocol, make the decision about whether cookies should be served over both secure and insecure connections. And as we know developers typically choose poorly when it comes to security.

Crux of paper: If I hijack a lower network layer I inject HTTP responses to non-SSL requests that force the browser to send its cookies for a site over a non-SSL connection, where anyone (read me) monitoring the traffic can see the session ID.

And thats the problem. If you can hijack network sessions HTTP cookie theft is a fairly tame thing to do. For example, just MITM a victim when they first try to connect to the secure site. 99.5% of users ignore broken SSL certs anyway. And this works against site's with rotating session ids where surf jacking would not.

In short, nifty trick, but high barriers that, if passable, let you do way worse things then what this paper describes.

Surf Jacking



 
 
Powered By Industrial Memetics
RSS2.0