MalaRIA Proxy Demo

Unrestricted crossdomain.xml and clientaccesspolicy.xml files can be abused by an attacker. The attacker can set up a rogue RIA app, a "MalaRIA", on a site, and if he can trick the user into visiting that site, the malicious RIA can perform actions on behalf of the user (CSRF). Because the RIA runs in the user's browser, its requests reuse the user's authentication cookies. Because the RIA can both send requests and read the responses, normal CSRF protection does not work: anti-CSRF nonces/tokens can simply be read out of the page. At the same time, such a RIA can exchange data with the server it came from over a socket, which lets the attacker send commands to the RIA, which then carries them out.

The MalaRIA proxy consists of a Silverlight or Flex RIA application running in the browser and a Java backend that together exploit the flaw above. You can read the detailed blog post here. Below is a video demo of the concept.
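The precondition for the attack above is an overly permissive cross-domain policy. The following audit script is an added example (not part of the MalaRIA tool or the original post) that parses constructed sample crossdomain.xml and clientaccesspolicy.xml documents and flags wildcard grants; the sample domain `www.example.com` and the wildcard heuristic in `is_wildcard` are assumptions for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a wildcard Flash policy. Any origin's RIA may read responses.
PERMISSIVE_CROSSDOMAIN = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*" />
</cross-domain-policy>"""

# Constructed sample: the same site limited to one trusted origin over TLS.
RESTRICTED_CROSSDOMAIN = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="www.example.com" secure="true" />
</cross-domain-policy>"""

# Constructed sample: a Silverlight policy granting every origin every path.
PERMISSIVE_CLIENTACCESS = """<?xml version="1.0"?>
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*"><domain uri="*" /></allow-from>
      <grant-to><resource path="/" include-subpaths="true" /></grant-to>
    </policy>
  </cross-domain-access>
</access-policy>"""

def is_wildcard(value):
    """True for '*' and for wildcards with no single owner, e.g. '*.com'.
    Heuristic (assumption): '*.example.com' is treated as one owner's subdomains."""
    return value == "*" or (value.startswith("*.") and value.count(".") < 2)

def audit_crossdomain(xml_text):
    """Return findings for a Flash crossdomain.xml; an empty list means no wildcard grant."""
    root = ET.fromstring(xml_text)
    return [f"allow-access-from domain={el.get('domain')!r} lets any site's RIA "
            f"read responses sent with the victim's cookies"
            for el in root.iter("allow-access-from")
            if is_wildcard(el.get("domain", ""))]

def audit_clientaccesspolicy(xml_text):
    """Return findings for a Silverlight clientaccesspolicy.xml."""
    root = ET.fromstring(xml_text)
    return [f"clientaccesspolicy grants access to domain uri={d.get('uri')!r}"
            for d in root.iter("domain") if is_wildcard(d.get("uri", ""))]

if __name__ == "__main__":
    print("permissive:", audit_crossdomain(PERMISSIVE_CROSSDOMAIN) or "OK")
    print("restricted:", audit_crossdomain(RESTRICTED_CROSSDOMAIN) or "OK")
    print("silverlight:", audit_clientaccesspolicy(PERMISSIVE_CLIENTACCESS) or "OK")
```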

Thanks go out to Erlend Oftedal (erlend [] oftedal.no) for referring this video to us!

Author: Anonymous (anonymous submission)

©2007 Freak Labs