(Repost) Top Ten Web Hacking Techniques of 2011
Reposted from: https://blog.whitehatsec.com/vote-now-top-ten-web-hacking-techniques-of-2011/
Every year the Web security community produces a stunning amount of new hacking techniques published in various white papers, blog posts, magazine articles, mailing list emails, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and so on. Beyond individual vulnerability instances with CVE numbers or system compromises, we’re talking about actual new and creative methods of Web-based attack. The Top Ten Web Hacking Techniques list encourages information sharing, provides a centralized knowledge-base, and recognizes researchers who contribute excellent work.
The Top Ten
- BEAST (by: Thai Duong and Juliano Rizzo)
- Multiple vulnerabilities in Apache Struts2 and property oriented programming with Java (by: Johannes Dahse)
- DNS poisoning via Port Exhaustion (by: Roee Hay and Yair Amit)
- DOMinator – Finding DOMXSS with dynamic taint propagation (by: Stefano Di Paola)
- Abusing Flash-Proxies for client-side cross-domain HTTP requests (by: Martin Johns and Sebastian Lekies)
- Expression Language Injection (by: Stefano Di Paola and Arshan Dabirsiaghi)
- Java Applet Same-Origin Policy Bypass via HTTP Redirect (by: Neal Poole)
- CAPTCHA Hax With TesserCap (by: Gursev Kalra)
- Bypassing Chrome’s Anti-XSS filter (by: Nick Nikiforakis)
- CSRF: Flash + 307 redirect = Game Over (by: Phillip Purviance)
How the winners were selected…
Phase 1: Open community voting (Ballot) [COMPLETE]
From the field of 51 total entries received (listed below), each voter (open to everyone) ranks their fifteen favorite Web Hacking Techniques using a survey. Each entry (listed alphabetically) gets a certain number of points depending on how highly it is ranked in each ballot. For example, an entry in position #1 will be given 15 points, position #2 will get 14 points, position #3 gets 13 points, and so on down to 1 point. At the end all points from all ballots will be tabulated to ascertain the top fifteen overall. And NO selecting the same attack multiple times! (they’ll be deleted)
Voting will close at the end of the day this Monday, February 20.
[CLOSED] The more people who vote, the better the results! Vote Now!
Phase 2: Panel of Security Experts [COMPLETE]
From the result of the open community voting, the top fifteen Web Hacking Techniques will be voted upon by a panel of security experts (to be announced soon). Using the exact same voting process as phase 1, the judges will rank the final fifteen based on novelty, impact, and overall pervasiveness. Once tabulation is completed, we’ll have the Top Ten Web Hacking Techniques of 2011!
Voting will close at the end of the day on Sunday, February 26.
Soon after, the winners will be announced!
Good luck everyone
The Final 15:
Hundreds of votes were cast during the open vote, a great turnout. Thank you everyone for taking the time! 44% of the respondents were self-described “Breakers,” followed by 22% “Defenders,” 16% “Builders,” and 17% did not specify. There was a very smooth distribution of point totals across the range of entries. Clearly everyone had their favorites. Of course we saw a lot of ballot-stuffing action, which required a substantial amount of clean-up, but when ranking Web hacking techniques that’s kind of what you expect. This is exactly why we have a final 15 process first, so the top ten outcome isn’t negatively affected. Any entries that obviously don’t belong in the top ten are easily eliminated during the “Panel of Security Experts” phase. Now it’s the judges’ turn to have their say!
- Abusing Flash-Proxies for client-side cross-domain HTTP requests
- Abusing HTTP Status Codes to Expose Private Information
- Autocomplete..again?!
- BEAST
- Bypassing Chrome’s Anti-XSS filter
- CAPTCHA Hax With TesserCap
- Cookiejacking
- CSRF: Flash + 307 redirect = Game Over
- DNS poisoning via Port Exhaustion
- DOMinator – Finding DOMXSS with dynamic taint propagation
- Expression Language Injection
- Java Applet Same-Origin Policy Bypass via HTTP Redirect
- JSON-based XSS exploitation
- Multiple vulnerabilities in Apache Struts2 and property oriented programming with Java
- Session Puzzling (aka Session Variable Overloading)
The Big List:
- Abusing Flash-Proxies for client-side cross-domain HTTP requests
- Abusing HTTP Status Codes to Expose Private Information
- Autocomplete..again?!
- BEAST
- Bypassing Chrome’s Anti-XSS filter
- Bypassing Flash’s local-with-filesystem Sandbox
- CAPTCHA Hax With TesserCap
- CSRF with JSON – leveraging XHR and CORS
- CSRF: Flash + 307 redirect = Game Over
- Close encounters of the third kind (client-side JavaScript vulnerabilities)
- Cookiejacking
- Cross domain content extraction with fake captcha
- Crowd-sourcing mischief on Google Maps leads customers astray
- DNS poisoning via Port Exhaustion
- DOMinator – Finding DOMXSS with dynamic taint propagation
- Double eval() for DOM based XSS
- Drag and Drop XSS in Firefox by HTML5 (Cross Domain in frames)
- Excel formula injection in Google Docs
- Exploitation of “Self-Only” Cross-Site Scripting in Google Code
- Exploiting the unexploitable XSS with clickjacking
- Expression Language Injection
- Facebook: Memorializing a User
- Filejacking: How to make a file server from your browser (with HTML5 of course)
- Google Chrome/ChromeOS sandbox side step via owning extensions
- HOW TO: Spy on the Webcams of Your Website Visitors
- Hidden XSS Attacking the Desktop & Mobile Platforms
- How To Own Every User On A Social Networking Site
- How to get SQL query contents from SQL injection flaw
- How to upload arbitrary file contents cross-domain (2)
- JSON-based XSS exploitation
- Java Applet Same-Origin Policy Bypass via HTTP Redirect
- Kindle Touch (5.0) Jailbreak/Root and SSH
- Launch any file path from web page
- Lotus Notes Formula Injection
- Multiple vulnerabilities in Apache Struts2 and property oriented programming with Java
- NULLs in entities in Firefox
- Rapid history extraction through non-destructive cache timing (v8)
- Session Puzzling (aka Session Variable Overloading)
- SpyTunes: Find out what iTunes music someone else has
- Stealth Cookie Stealing (new XSS technique)
- Stripping Referrer for fun and profit
- SurveyMonkey: IP Spoofing
- Temporal Session Race Conditions
- Text-based CAPTCHA Strengths and Weaknesses
- The Failure of Noise-Based Non-Continuous Audio Captchas
- Timing Attacks on CSS Shaders
- Tracking users that block cookies with a HTTP redirect
- Using Cross-domain images in WebGL and Chrome 13
- XSS in Skype for iOS
- XSS-Track as a HTML5 WebSockets traffic sniffer
- HashDOS: Effective Denial of Service attacks against web application platforms
Reposted from: https://www.cnblogs.com/phoenix--/articles/2382223.html