Recently, web hacking and, more specifically, Cross-Site Scripting (XSS) vulnerabilities have risen to the forefront of the security community's collective consciousness. Why is this? Wasn't it just a few years back that the general consensus was that XSS bugs were dumb and useless? So my question is simply: what changed?
The first and most obvious answer is that more people are using more web services. The rise of Web 2.0 has been met with more people signing up for community-based sites such as YouTube and MySpace. People have moved their mail and personal calendars to these web-based services. To compound the issue further, many of these services are tied together with some form of single sign-on. Thus stealing cookies via XSS now has greater value than it ever has before.
Every class of vulnerability has to go through this phase of valuation before it gets exploited en masse and becomes the hot topic. For example, buffer overflows aren't as interesting when you're working on a single-user machine that you already have access to. But when coupled with the connectivity of the internet and the amount of information that's protected from you, they become interesting.
Additionally, the rise of XSS is being fostered by the improvements in system security made in the past few years: stack protection, heap protections, and a reduction in the number of services run by default. Vista's addition of things like Address Space Layout Randomization has also made exploitation of bugs at the systems level significantly more difficult. When something becomes more difficult, people start looking for easier attack vectors. Since XSS and web hacking take place in userland, there's less accounting information, such as memory addresses, that you have to play with. A failed exploitation attempt doesn't kill the box, the process, etc.
Finally, I'm stealing a page from pdp and putting in a copy of The Machine is Us/ing Us.