Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense
نویسندگان
چکیده
We identify a class of Web browser implementation vulnerabilities, cross-origin JavaScript capability leaks, which occur when the browser leaks a JavaScript pointer from one security origin to another. We devise an algorithm for detecting these vulnerabilities by monitoring the “points-to” relation of the JavaScript heap. Our algorithm finds a number of new vulnerabilities in the opensource WebKit browser engine used by Safari. We propose an approach to mitigate this class of vulnerabilities by adding access control checks to browser JavaScript engines. These access control checks are backwardscompatible because they do not alter semantics of the Web platform. Through an application of the inline cache, we implement these checks with an overhead of 1–2% on industry-standard benchmarks.
منابع مشابه
Detile: Fine-Grained Information Leak Detection in Script Engines
Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to detect return-oriented programming require memory disclosure attacks as a fundamental first step. However, research lags behind in detecting such information leak...
متن کاملExploitation of Cross-Site Scripting (XSS) Vulnerability on Real World Web Applications and its Defense
Attacks on web applications are growing rapidly with the opening of new technologies, HTML tags and JavaScript functions. Cross-Site Scripting (XSS) vulnerabilities are being exploited by the attackers to steal web browser's resources (cookies, credentials etc. ) by injecting the malicious JavaScript code on the victim's web applications. The existing techniques like filtering of tags...
متن کاملPreventing Capability Leaks in Secure JavaScript Subsets
Publishers wish to sandbox third-party advertisements to protect themselves from malicious advertisements. One promising approach, used by ADsafe, Dojo Secure, and Jacaranda, sandboxes advertisements by statically verifying that their JavaScript conforms to a safe subset of the language. These systems blacklist known dangerous properties that would let advertisements escape the sandbox. Unfortu...
متن کاملJustified Cross-Site Scripting Attacks Prevention from Client-Side
— Web apps are fetching towards the overriding way to offer access to web services. In parallel, vulnerabilities of web application are being revealed and unveiled at an frightening rate. Web apps frequently make JavaScript code utilization that is entrenched into web pages to defend client-side behavior which is dynamic. This script code is accomplished in the circumstance of the client’s web ...
متن کاملDetection and Diagnosis of Memory Leaks in Web Applications
Memory leaks – the existence of unused memory on the heap of applications – result in low performance and may, in the worst case, cause applications to crash. The migration of application logic to the client side of modern web applications and the use of JavaScript as the main language for client-side development have made memory leaks in JavaScript an issue for web applications. Significant po...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009