Same Origin Method Execution (SOME) - Exploiting a Callback for Same Origin Policy Bypass

Presented at Black Hat Europe 2014, Oct. 16, 2014, 11:45 a.m. (60 minutes)

SOME ("Same Origin Method Execution") is a new technique that abuses JSONP in order to perform a limitless number of unintended actions on a website on behalf of users, by assembling a malicious set of timed frames and/or windows. Despite the similarity to click-jacking, this attack is not UI related, nor is it confined in terms of user interaction, browser brand, HTTP X-FRAME-OPTIONS or other response headers, or a particular webpage; in fact, once a single webpage is found vulnerable to SOME, the entire domain becomes vulnerable. During this talk, I intend to demonstrate how JSONP opens a backdoor, even in the most protected domains, to a very powerful attack that can cause severe damage without any user interaction.
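The abstract's point is that a JSONP endpoint which echoes an attacker-chosen callback lets the response invoke arbitrary methods in the site's own origin. As an added example (not code from the talk or from Trustwave), the snippet below contrasts a server-side JSONP builder that echoes the callback verbatim with a hardened one that accepts only a bare identifier and adds anti-sniffing protections; the function names and the `/**/` prefix convention are assumptions for illustration.

```javascript
// Added example, not from the original talk. Hypothetical helper names.

// Vulnerable pattern: whatever arrives in ?callback= is placed in front of
// the JSON payload, so a dotted method path becomes a same-origin call.
function buildJsonpUnsafe(callback, data) {
  return `${callback}(${JSON.stringify(data)});`;
}

// Only a bare JavaScript identifier is allowed: no dots, brackets,
// parentheses or whitespace, and a bounded length (assumed limit: 64).
const CALLBACK_RE = /^[A-Za-z_$][A-Za-z0-9_$]{0,63}$/;

function isSafeCallbackName(name) {
  return typeof name === 'string' && CALLBACK_RE.test(name);
}

// Hardened pattern: refuse anything that is not a bare identifier, prefix
// the body with an empty comment so it cannot be sniffed as another
// format, and mark the response as script-only with nosniff.
function buildJsonpSafe(callback, data) {
  if (!isSafeCallbackName(callback)) {
    return {
      status: 400,
      headers: { 'Content-Type': 'text/plain; charset=utf-8' },
      body: 'invalid callback',
    };
  }
  return {
    status: 200,
    headers: {
      'Content-Type': 'application/javascript; charset=utf-8',
      'X-Content-Type-Options': 'nosniff',
    },
    body: `/**/ ${callback}(${JSON.stringify(data)});`,
  };
}
```

Restricting the callback to a bare identifier removes the method-path primitive; a fixed or allow-listed callback name, or replacing JSONP with CORS-enabled JSON, is stronger still.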


Presenters:

  • Ben Hayak - Trustwave
    I'm Ben Hayak, a Security Researcher. My main interests are reverse engineering, web application security and client-server security. I have quite a few years of experience with Assembler/Assembly language, debugging, and programming. I have three years of data communications experience with CCNA & CCNP Route qualifications. I also have great experience as a security consultant, surveying the penetrability of data systems and providing practical solutions for organizations. Currently, I work as a security researcher in Trustwave SpiderLabs. My expertise includes reviewing, isolating, analyzing, and reverse-engineering programs that are vulnerable or malicious code in order to determine and develop protection against the specific nature of the threat. I am also one of the Top 0xA list of security researchers on the Google security list.
