SH5ARK ATTACK - taking a byte out of HTML5!
Derbycon 2012 (Hacking Illustrated Series InfoSec Tutorial Videos)
The W3C is still in the process of completing the HTML5 specification,
which provides a whole new set of features for developers to create client-side
web applications that offer users a richer experience. However, these features
have also introduced a new set of threats and vulnerabilities that increase the
opportunity for attacks against browsers that support HTML5, which most already
do. Because HTML5 makes every event attribute available on every tag, it opens
an opportunity for bypassing filters and Web Application Firewalls (WAFs), which
allows a remote attacker to perform a client-side attack and control most of
what the browser is capable of doing.
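The filter-bypass point above, shown from the defender's side as an added example that is not code from the talk or from the SH5ARK repository: a filter that only blocks `<script>` tags passes a fragment whose payload lives entirely in event handler attributes on ordinary tags, while a sanitizer that drops every `on*` attribute regardless of tag, plus `javascript:` URLs, catches it. The sample markup is constructed, and the parser is Python's standard-library `html.parser`.

```python
import re
from html import escape
from html.parser import HTMLParser

# Constructed sample (assumed user-supplied markup, not from the talk): no
# <script> tag at all, only event handlers on ordinary tags and a javascript: URL.
SAMPLE = ('<p onmouseover="alert(1)">hi</p><input autofocus onfocus="alert(2)">'
          '<a href="javascript:alert(3)">x</a><b>bold</b>')

def strip_script_tags(fragment):
    """The kind of tag-based filter the abstract calls bypassable: it removes
    <script> tags and nothing else, so SAMPLE passes through untouched."""
    return re.sub(r"<\s*/?\s*script[^>]*>", "", fragment, flags=re.I)

class EventHandlerSanitizer(HTMLParser):
    """Rebuilds the markup, dropping every on* attribute on any tag and any
    URL attribute whose scheme is javascript:, and records what it dropped.
    Demonstration only: it does not cover data: URLs, srcdoc or CSS."""
    URL_ATTRS = {"href", "src", "action", "formaction"}
    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out, self.dropped = [], []
    def _clean(self, tag, attrs):
        kept = []
        for name, value in attrs:  # HTMLParser lowercases names for us
            is_handler = name.startswith("on")
            is_js_url = (name in self.URL_ATTRS and value is not None
                         and value.strip().lower().startswith("javascript:"))
            if is_handler or is_js_url:
                self.dropped.append((tag, name))
            else:
                kept.append((name, value))
        return kept
    def _emit(self, tag, attrs, close):
        parts = [tag] + [n if v is None else f'{n}="{escape(v, quote=True)}"'
                         for n, v in self._clean(tag, attrs)]
        self.out.append("<" + " ".join(parts) + close + ">")
    def handle_starttag(self, tag, attrs): self._emit(tag, attrs, "")
    def handle_startendtag(self, tag, attrs): self._emit(tag, attrs, " /")
    def handle_endtag(self, tag): self.out.append(f"</{tag}>")
    def handle_data(self, data): self.out.append(data)
    def handle_entityref(self, name): self.out.append(f"&{name};")
    def handle_charref(self, name): self.out.append(f"&#{name};")

def sanitize(fragment):
    """Return (cleaned_markup, [(tag, dropped_attribute), ...])."""
    p = EventHandlerSanitizer()
    p.feed(fragment); p.close()
    return "".join(p.out), p.dropped
```

Running `sanitize(SAMPLE)` yields `<p>hi</p><input autofocus><a>x</a><b>bold</b>` and a drop list naming the three attributes, whereas `strip_script_tags(SAMPLE)` returns the input unchanged.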
In this talk, Tony and Jason will discuss how HTML5 is opening a new world of
opportunities for client-side attacks. As part of a DARPA CFT project, the
Secure Ideas team built a repository called the Securing HTML5 Assessment
Resource Kit (SH5ARK). An overview of the SH5ARK repository will be presented,
which includes code samples of vulnerable HTML5 features, attack proofs of
concept, and filtering rules that can be used to help prevent attacks. The
SH5ARK repository will be released shortly after DerbyCon.
Tony DeLaGrange / Jason Wood
Tony DeLaGrange is a Senior Security Analyst with Secure Ideas, bringing over
twenty-five years of information technology experience in the healthcare and
financial services industries. For the past decade, Tony has focused on
information security within a leading Fortune 50 financial institution,
designing security reference architecture, developing information security
policies, standards, and baselines, and assessing and testing emerging
technologies. While at Secure Ideas, Tony has had the opportunity to lead two
DARPA CFT projects and to help develop the SANS 571 Mobile Device Security
courseware, and he is the project lead for the open source MobiSec mobile
testing live environment. Tony has presented on multiple SANS webcasts and at
industry events such as AppSec, Good’s Mobile summit, and ShmooCon, and was a
co-chair of the SANS Mobile Device Security summit.
Jason Wood is a Senior Security Analyst with Secure Ideas, bringing over 12
years of systems administration and security experience with the Windows and
UNIX/Linux operating systems. He has spent most of his career at web-based
companies in security, application, and infrastructure roles. His experience
includes vulnerability assessments, systems hardening, and monitoring. He has
taught classes on vulnerability management, event monitoring, and configuration
auditing. He has also been a mentor for SANS Security 504 – Hacker Techniques,
Exploits and Incident Handling. He currently holds the GCIH certification. Jason
is the author of Reconnoiter, a reconnaissance project for penetration testing.
Email address(es): tony(-at-)secureideas.net / jason(-at-)secureideas.net