The Art of Executing JavaScript by Akhil Mahendra

•

0 gefällt mir•664 views

This document outlines a presentation on executing JavaScript and preventing cross-site scripting (XSS) attacks. It discusses the types of XSS, including reflected, stored, and DOM-based XSS. It also covers same origin policy, content security policy (CSP) directives and keywords, common CSP mistakes like unsafe-inline, and bypassing CSP. It provides examples of XSS in different contexts like HTML, attributes, scripts, styles, and URLs. Finally, it mentions escaping the expression sandbox in Angular JS and demonstrates XSS and CSP bypass techniques.

Software

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
The Art of Executing Javascript

$Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Akhil Mahendra ➢ Web application security enthusiast ➢ CTFer{@teambi0s} ➢ @Akhil_Mahendra About$

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ Introduction - XSS
➢ Types of XSS and different context
➢ Same Origin Policy
➢ Content Security Policy
➢ XSS via Angular JS
Agenda

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
Attack with a wrong name ?
Introduction

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ Still exists after 18 years !
➢ NO.7 in OWASP top 10 2017
➢ Most commonly reported security vulnerability
Introduction

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ Stealing user cookies
➢ Keylogger
➢ Deface website
Introduction - Impact

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ Reflected XSS
➢ Stored XSS
➢ DOM based XSS
Types of XSS

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ HTML
➢ Attribute
➢ Script
➢ Style
➢ Url
Different Context

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ User input comes inside HTML elements
○ <p>Injection</p>
➢ POC
○ <script>alert(1)</script>
Different Context -html context

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ User input comes inside HTML attributes
○ <p class = ” Injection ”> </p>
○ <p Injection = ” test123 ”> </p>
➢ POC
○ " onmouseover="alert(1)">
○ onmouseover="alert(1)" class
Different Context -attribute context

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ User input comes inside <script> tags
○ <script> var a = ‘ Injection ‘; </script>
➢ POC
○ ‘;alert(1);//
Different Context -script context

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ User input comes inside <script> tags
○ <p style “ color: injection ” > </p>
➢ POC
○ expression(alert(1));
Different Context -style context

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ User input comes inside <script> tags
○ <a href = ” injection ” > click </a>
➢ POC
○ javascript:alert(1)
Different Context -url context

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ Scripts on a page can make HTTP request and process
responses between hosts that has the same:
Protocol, Hostname, Port
➢ An IFRAME loaded cannot read or write data into the page
unless it’s in the same origin !
SOP

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ Introduced as a mechanism to mitigate code injection
➢ Directives defines:
○ From where and what content are allowed to load
○ In which context the content is allowed to execute
➢ It’s a mitigation not first line of defense!
CSP

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ Directives:
○ default-src
○ script-src
○ object-src
○ style-src
○ image-src
○ frame-src
CSP - Directives

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ Keywords:
○ ‘*’
○ 'none'
○ 'self'
○ 'unsafe-inline'
○ 'unsafe-eval'
CSP - Keywords

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ HTTP Headers
○ <?php header('Content-Security-Policy: default-src https://cdn.example.net;
object-src 'none'"’);?>
➢ Meta tag in HTML
○ <meta http-equiv="Content-Security-Policy" content="default-src
https://cdn.example.net; object-src 'none'">
CSP

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ unsafe-inline, unsafe-eval, data:
○ whole purpose of CSP is defeated
➢ Eg: default-src: ’self’;script-src: ‘unsafe-inline’
○ Bypass : <script>alert(1)</script>
CSP - Common mistakes

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
CSP - Common mistakes

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ Nonces:
○ Nonce must be a random string
○ Should not be reused
○ Should not be guessable
CSP - Common mistakes

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
➢ Examples of bad nonce
○ Request 1- D29162F1B99108DDA2406C697FFAC27586F42C7D021669F01F720CEEACBB06F5
○ Request 2- D29162F1B99108DDA2406C697FFAC27586F42C7D021669F01F720CEEACBB06F5
○ e10adc3949ba59abbe56e057f20f883e - md5(123456)
○ 1231441
CSP - Common mistakes

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
Demo

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
CSP Bypass
CSP - bypass

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
Escaping the expression sandbox for XSS
XSS via Angular JS

Team bi0s
Amrita Center for Cybersecurity, Amritapuri
Thanks
@Akhil_Mahendra

Weitere ähnliche Inhalte

Was ist angesagt?

Hacking - Breaking Into It

CTruncer

Video recording of the talk: https://www.youtube.com/watch?v=t0VljE9kq1Q As an engineer working on any web stack, you may have heard about Blocking and Non-Blocking IO. You may as well have used any framework or library that supports Non-Blocking IO. After all, they are very useful as you don’t want to block execution of other tasks while one task is waiting to complete a network call to another service (like HTTP call to an API or may be a TCP call to your database). Non-Blocking IO while doing tasks and not wait for IO. This also helps us handle a lot many connections than we possibly could with Blocking IO. Python supports Non-Blocking IO, but we always use some existing 3rd party library that hides all the gory details and makes it all look like black magic to the uninitiated. But there is nothing like black magic. This presentation will be an introductory talk focused at explaining how Non-Blocking IO works, which is the basis of libraries like Gevent, Tornado and Twisted. We will learn about how Non-Blocking IO can be implemented using the most basic modules that form the base for the above mentioned libraries. Hopefully after this talk, Non-Blocking IO will not be an unsolved mystery for you anymore.

Understanding Non Blocking I/O with Python

Vaidik Kapoor

Same-origin Policy (SOP)

Netsparker

Bringing Down the House - How One Python Script Ruled Over AntiVirus

CTruncer

Security Bootcamp 2013 - Automated malware analysis - Nguyễn Chấn Việt

Security Bootcamp

What Goes In Must Come Out: Egress-Assess and Data Exfiltration

CTruncer

Defeating xss-and-xsrf-with-my faces-frameworks-steve-wolf

drewz lin

The state of JavaScript Linting - English version

Michael Kühnel

The State of the Veil Framework

VeilFramework

Web security at Meteor (Pivotal Labs)

Emily Stark

AntiVirus Evasion Reconstructed - Veil 3.0

CTruncer

ECMAScript 6, in short ES6, has been boiling in a copper pot for many years by now and step-by-step, browser vendors come forward to taste the first sips of this mystery soup. So, ES6 is no longer a theoretic language but already crawled across the doorstep and now lurks under your bed, ready for the nasty, waiting for the right moment to bite. Now, what is this whole ES6 thing? How did it develop and who made it? And why is it now implemented in your favorite browser? And what does it mean for web-security and beyond? This talk will answer these questions and showcase the new language from an attacker's perspective. You will see the new code constructs possible to be executed with ES6, new attack vectors and learn what you can do to tame that beast. Kafkaesque terminology such as expression interpolation, proper tail calls, computed properties, spread parameters, modules and tagged template strings will no longer be surprising you after attending this talk.

ECMAScript 6 from an Attacker's Perspective - Breaking Frameworks, Sandboxes,...

Mario Heiderich

Web Uygulamalarının Hacklenmesi

Ömer Çıtak

An EyeWitness View into your Network

CTruncer

Phu appsec13

drewz lin

Why Rust? - Matthias Endler - Codemotion Amsterdam 2016

Codemotion

These slides were prepared by Ziyahan Albeniz for the presentation "Make CSRF Great Again" which he delivered at the NOPcon on the 11th of May 2017. In this presentation Netsparker's security reseacher Ziyahan explains all the technical details and the ins & outs of the CSRF attack. During the presentation Ziyahan also uses two real live CSRF issues, one in Yandex browser and one in Grammarly online service, which he discovered as an example. The video of the full presentation in Turkish is available here: https://www.youtube.com/watch?v=5bDbZ7_mjng

Make CSRF Again

Netsparker

This Edureka "Node.js tutorial" will help you to learn the Node.js fundamentals and how to create an application in Node.js. Node.js is an open-source, cross-platform JavaScript runtime environment for developing a diverse variety of server tools and applications. Below are the topics covered in this tutorial: 1) Client Server Architecture 2) Limitations of Multi-Threaded Model 3) What is Node.js? 4) Features of Node.js 5) Node.js Installation 6) Blocking Vs. Non – Blocking I/O 7) Creating Node.js Program 8) Node.js Modules 9) Demo – Grocery List Web Application using Node.js

Node.js Tutorial for Beginners | Node.js Web Application Tutorial | Node.js T...

Edureka!

Часто бывает так, что нужно делать фронтэнд когда бэкэнд еще не готов. В таком случае очень пригодится навык написания простенького сервера, который будет отвечать на запросы и возвращать JSON заготовки. Во время доклада Дмитрий Миндра делает такой REST сервер при помощи Node.js и показывает как им пользоваться. Также, Дмитрий рассказывает о технологиях, которые используются в SaaS проектах компании Oracle.

Построение простого REST сервера на Node.js | Odessa Frontend Code challenge

OdessaFrontend

Automatic constraints as a team maturity accelerator for startups

François-Guillaume Ribreau

Was ist angesagt? (20)

Hacking - Breaking Into It

Understanding Non Blocking I/O with Python

Same-origin Policy (SOP)

Bringing Down the House - How One Python Script Ruled Over AntiVirus

Security Bootcamp 2013 - Automated malware analysis - Nguyễn Chấn Việt

What Goes In Must Come Out: Egress-Assess and Data Exfiltration

Defeating xss-and-xsrf-with-my faces-frameworks-steve-wolf

The state of JavaScript Linting - English version

The State of the Veil Framework

Web security at Meteor (Pivotal Labs)

AntiVirus Evasion Reconstructed - Veil 3.0

ECMAScript 6 from an Attacker's Perspective - Breaking Frameworks, Sandboxes,...

Web Uygulamalarının Hacklenmesi

An EyeWitness View into your Network

Phu appsec13

Why Rust? - Matthias Endler - Codemotion Amsterdam 2016

Make CSRF Again

Node.js Tutorial for Beginners | Node.js Web Application Tutorial | Node.js T...

Построение простого REST сервера на Node.js | Odessa Frontend Code challenge

Automatic constraints as a team maturity accelerator for startups

Ähnlich wie The Art of Executing JavaScript by Akhil Mahendra

Tsc summit #2 - HTTP Header Security

Mikal Villa

Content Security Policy - Lessons learned at Yahoo

Binu Ramakrishnan

Developers are taught to 'never trust the browser' to execute their client-side JavaScript. The inability for a developer to trust a browser has far reaching implications from not trusting client-side validation, to never being really sure the TLS connection doesn't have a man-in-the-middle. Software security such as white-box cryptography & obfuscation have been used in native environments for many years, but these techniques are hard in JS. We'll explain how these techniques can now be applied to JS code running in a web browser to secure it from MITM attacks.

Now you can trust the browser - Ben Gidley, Tim Charman - Codemotion Amsterda...

Codemotion

In this presentation, we show promising new defense-in-depth techniques to protect modern web applications from old and new classes of bugs: Suborigins to have finer-grained control over origin boundaries, Site Isolation and XSDB against Spectre and Meltdown attacks, and last but not least Origin and Feature Policy. In addition to that, we explain new features of the upcoming CSP 3 specification like 'unsafe-hashed-attributes' and give an overview of how we were able to enforce CSP as a strong mitigation against cross-site scripting on over 50% of production web traffic at Google. With increased adoption new challenges arise: dealing with CSP report noise - generated by buggy browsers, extensions, malware and security software - devising an effective monitoring infrastructure, and keeping on top of bypassing techniques. In this presentation we reveal how our internal CSP infrastructure works and how we solved problems, share our experience, show real-world examples, best practices and common pitfalls. Finally, we hint at a new promising web mitigation technique, which we hope to see gaining traction in the near future: Suborigins.

CONFidence 2018: Defense-in-depth techniques for modern web applications and ...

PROIDEA

Web Apps Security

Victor Bucutea

Owasp top 10 2013

Edouard de Lansalut

Android P Security Updates: What You Need to Know

NowSecure

Hta t07-did-you-read-the-news-http-request-hijacking

Комсс Файквэе

The increasing capabilities and performance of the web platform allow for more feature-rich user experiences. How can JavaScript based applications utilize information security and cryptography principles? This session will explore the current state of JavaScript and Web Cryptography. We will review some basic concepts and definitions, discuss the role of TLS/SSL, show some working examples that apply cryptography to real-world use cases and take a peek at the upcoming W3C WebCryptoAPI. Code samples will use CryptoJS in the browser and the Node.js Crypto module on the server. An extended example will secure the popular TodoMVC project using PBKDF2 for key generation, HMAC for data integrity and AES for encryption.

Developer's Guide to JavaScript and Web Cryptography

Kevin Hakanson

Securing your web application through HTTP headers

Andre N. Klingsheim

This talk will focus on practical methods of identifying and bypassing modern enterprise class security solutions such as Load Balancers, both Network and Host-based Intrusion Prevention Systems (IPSs), Web Application Firewalls (WAFs), and Network Access Control Solutions (NAC). The goal of this talk is to show IT Personnel the common weaknesses in popular security products and how those products should be configured. The key areas are: * IPS Identification and Evasion * WAF Identification and Bypass * Anti-Virus Bypass * Privilege Escalation * Becoming Domain Admin

You Spent All That Money And Still Got Owned

Joe McCray

Secure Coding principles by example: Build Security In from the start - Carlo...

Codemotion

Site Security Policy - Yahoo! Security Week

guest9663eb

NOTES -- Slide 8 Some of the categories we will discuss are very broad like this one. Untrusted command – get / post / rest style params Clicks Surprise inputs Slide 13 Very broad too Little or no auth Auth with some bypass possibilities Some problem with how session is generated, managed, expired Insufficient sessionID protection Slide 18 When a user is tricked into clicking on a malicious link, submitting a specially crafted form, or even just browsing to a malicious site, the injected code travels to the vulnerable web site, which reflects the attack back to the user’s browser. Slide 27 Security hardening throughout Application Stack Unnecessary features enabled or installed? ports, services, pages, accounts, privileges Security settings in your development frameworks (e.g., Struts, Spring, ASP.NET) and libraries not set to secure values? Default accounts/ passwords still enabled and unchanged? Error handling reveal stack traces or other overly informative error messages to users? Software out of date? OS, Web Server, DBMS, applications, code libraries Slide 41 sign up for updates or do regular audits to see versions there might be technical dependencies easily exploited by attackers using metaspoilt, info gathering using headers & responses, etc. Slide 47 We can look at the architecture, give you tips around what you could use, what would be good. This would avoid making any major changes when the product is ready which would save everyone’s time in the long run. Have sprints with dedicated security features and use those as a selling point for our security conscious customers Slide 48 Carefully look at the license to make sure you can use it in your type of product. Ask Fallon if you are not sure Research how much support it gets, how popular it is Look to find out any vulnerabilities in it before you start using it Maintain it; Sign up for CVE updates Ask us if you need to get something reviewed Slide 50 Not only better and more features Security vulnerabilities get patched in new versions New versions get most attention by the companies and old ones stop getting support after some time fully Most Security Support by the community Turn on auto updates for Chrome; always look at updates on AppStore Slide 51 Use different passwords for different sites Password managers let you set complexity, generate random passwords, etc. Slide 52 Only grant access to whats needed to get the job done employee leaves; mistakes; vulnerabilities in other s/w which leverages this; Don’t install redundant software, plugins, etc. This opens up so much risk People forget to uninstall them; s/w doesn't get much attention from community; open ports are left; boom exploited by attackers; Slide 55 To prevent unintended execution actions e.g., fail open auth errors Leak minimal info about infrastructure as this info is leveraged by attackers to carry out further attacks

Security Ninjas: An Open Source Application Security Training Program

OpenDNS

Threat Modeling and OWASP Top 10 (2017 rc1)

Mike Tetreault

Symmetric key encryption new approach

mdhar123

Toronto mule meetup #5

Alexandra N. Martinez

Threat Modeling for Web Applications (and other duties as assigned)

Mike Tetreault

The new releases of Microsoft SQL Server: SQL Server 2016 & 2017 brings new functionality for Data Security Professionals. Newest release – SQL Server 2017 made those features even more mature. Now you can protect your data in your database anywhere (on-premise, in the cloud, in transit, in the hybrid environment) even more simply than before. Transparent Data Encryption with better algorithms and better support for backup, Row-Level Security, Dynamic Data Masking and Always Encrypted for your application are now simple features. Azure Security Center brings us a new way of looking and adopting security best practices in an easy way. We focus on theory and of course, on demos. We look a little closer for few specific files that exist in our environment. We work on all three different environments, but our goal is only one: protect your data.

ITCamp 2018 - Tobiasz Koprowski - Secure your data at rest - on demand, now!

ITCamp

Sitecore might be secure, but your site isn't

Bas Lijten

Ähnlich wie The Art of Executing JavaScript by Akhil Mahendra (20)

Tsc summit #2 - HTTP Header Security

Content Security Policy - Lessons learned at Yahoo

Now you can trust the browser - Ben Gidley, Tim Charman - Codemotion Amsterda...

CONFidence 2018: Defense-in-depth techniques for modern web applications and ...

Web Apps Security

Owasp top 10 2013

Android P Security Updates: What You Need to Know

Hta t07-did-you-read-the-news-http-request-hijacking

Developer's Guide to JavaScript and Web Cryptography

Securing your web application through HTTP headers

You Spent All That Money And Still Got Owned

Secure Coding principles by example: Build Security In from the start - Carlo...

Site Security Policy - Yahoo! Security Week

Security Ninjas: An Open Source Application Security Training Program

Threat Modeling and OWASP Top 10 (2017 rc1)

Symmetric key encryption new approach

Toronto mule meetup #5

Threat Modeling for Web Applications (and other duties as assigned)

ITCamp 2018 - Tobiasz Koprowski - Secure your data at rest - on demand, now!

Sitecore might be secure, but your site isn't

Mehr von Cysinfo Cyber Security Community

Understanding Malware Persistence Techniques by Monnappa K A

Cysinfo Cyber Security Community

Getting started with cybersecurity through CTFs by Shruti Dixit & Geethna TK

Cysinfo Cyber Security Community

Emerging Trends in Cybersecurity by Amar Prusty

Cysinfo Cyber Security Community

A look into the sanitizer family (ASAN & UBSAN) by Akul Pillai

Cysinfo Cyber Security Community

Closer look at PHP Unserialization by Ashwin Shenoi

Cysinfo Cyber Security Community

Unicorn: The Ultimate CPU Emulator by Akshay Ajayan

Cysinfo Cyber Security Community

Reversing and Decrypting Malware Communications by Monnappa

Cysinfo Cyber Security Community

DeViL - Detect Virtual Machine in Linux by Sreelakshmi

Cysinfo Cyber Security Community

Analysis of android apk using adhrit by Abhishek J.M

Cysinfo Cyber Security Community

Understanding evasive hollow process injection techniques monnappa k a

Cysinfo Cyber Security Community

Security challenges in d2d communication by ajithkumar vyasarao

Cysinfo Cyber Security Community

S2 e (selective symbolic execution) -shivkrishna a

Cysinfo Cyber Security Community

Dynamic binary analysis using angr siddharth muralee

Cysinfo Cyber Security Community

Bit flipping attack on aes cbc - ashutosh ahelleya

Cysinfo Cyber Security Community

Security Analytics using ELK stack

Cysinfo Cyber Security Community

Linux Malware Analysis

Cysinfo Cyber Security Community

Introduction to Binary Exploitation

Cysinfo Cyber Security Community

ATM Malware: Understanding the threat

Cysinfo Cyber Security Community

XXE - XML External Entity Attack

Cysinfo Cyber Security Community

Image (PNG) Forensic Analysis

Cysinfo Cyber Security Community

Mehr von Cysinfo Cyber Security Community (20)

Understanding Malware Persistence Techniques by Monnappa K A

Getting started with cybersecurity through CTFs by Shruti Dixit & Geethna TK

Emerging Trends in Cybersecurity by Amar Prusty

A look into the sanitizer family (ASAN & UBSAN) by Akul Pillai

Closer look at PHP Unserialization by Ashwin Shenoi

Unicorn: The Ultimate CPU Emulator by Akshay Ajayan

Reversing and Decrypting Malware Communications by Monnappa

DeViL - Detect Virtual Machine in Linux by Sreelakshmi

Analysis of android apk using adhrit by Abhishek J.M

Understanding evasive hollow process injection techniques monnappa k a

Security challenges in d2d communication by ajithkumar vyasarao

S2 e (selective symbolic execution) -shivkrishna a

Dynamic binary analysis using angr siddharth muralee

Bit flipping attack on aes cbc - ashutosh ahelleya

Security Analytics using ELK stack

Linux Malware Analysis

Introduction to Binary Exploitation

ATM Malware: Understanding the threat

XXE - XML External Entity Attack

Image (PNG) Forensic Analysis

Kürzlich hochgeladen

Define the academic and professional writing..pdf

PearlKirahMaeRagusta1

(Vivek)Call Us, 8448380779,Call girls in Delhi NCr – We Offer best in class call girls. escort Service At Affordable Price At low Rate with Space Night 8000 We Are One Of The Oldest Escort and Call girls Agencies in Delhi. You Will Find That Our Female Escorts Are Full Of Fun, Sexy And They Would Love Enjoy Your Company. We Have A Fantastic Selection Of Escort Ladies Available For In-Calls As Well As Out-Calls. Our Escorts Are Not Only Beautiful But All Have Great Personalities Making Them The Perfect Companion For Any Occasion. In-Call:- You Can Come At Our Place in Delhi Our place Which Is Very Clean Hygienic 100% safe Accommodation. Out-Call:- You have To Come Pick The Girl From My Place We Are Also Provide Door Step Services (Delhi Ncr, Noida, Gurgaon, Faridabad, Ghaziabad Note:- Pic Collectors Time Passers Bargainers Stay Away As We Respect The Value For Your Money Time And Expect The Same From You Hygienic:- Full Ac room And Clean Rooms Available In Hotel 24 * 7 Hourly In Delhi NCR More Details, With WhatsApp Number, +91-8448380779

call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️

Delhi Call girls

How To Troubleshoot Collaboration Apps for the Modern Connected Worker

ThousandEyes

Investing in AI transformation today The modern business advantage: Uncovering deep insights with AI Organizations around the world have come to recognize AI as the transformative technology that enables them to gain real business advantage. AI’s ability to organize vast quantities of data allows those who implement it to uncover deep business insights, augment human expertise, drive operational efficiency, transform their products, and better serve their customers

Microsoft AI Transformation Partner Playbook.pdf

Willy Marroquin (WillyDevNET)

Data spaces in distributed environments should be allowed to evolve in agile ways providing data space owners with large flexibility about which data they store. Agility and heterogeneity, however, jeopardize data exchanges because representations may build on varying ontologies and data consumers may not rely on the semantic correctness of their queries in the context of semantically heterogeneous, evolving data spaces. Graph data spaces are one example of a powerful model for representing and querying data whose semantics may change over time. To assert and enforce conditions on individual graph data spaces, shape languages (e.g SHACL) have been developed. We investigate the question of how querying and programming can be guarded by reasoning over SHACL constraints in a distributed setting and we sketch a picture of how a future landscape based on semantically heterogeneous data spaces might look like.

Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...

Steffen Staab

Model Call Girl Services in Delhi reach out to us at 🔝 9953056974 🔝✔️✔️ Our agency presents a selection of young, charming call girls available for bookings at Oyo Hotels. Experience high-class escort services at pocket-friendly rates, with our female escorts exuding both beauty and a delightful personality, ready to meet your desires. Whether it's Housewives, College girls, Russian girls, Muslim girls, or any other preference, we offer a diverse range of options to cater to your tastes. We provide both in-call and out-call services for your convenience. Our in-call location in Delhi ensures cleanliness, hygiene, and 100% safety, while our out-call services offer doorstep delivery for added ease. We value your time and money, hence we kindly request pic collectors, time-passers, and bargain hunters to refrain from contacting us. Our services feature various packages at competitive rates: One shot: ₹2000/in-call, ₹5000/out-call Two shots with one girl: ₹3500/in-call, ₹6000/out-call Body to body massage with sex: ₹3000/in-call Full night for one person: ₹7000/in-call, ₹10000/out-call Full night for more than 1 person: Contact us at 🔝 9953056974 🔝. for details Operating 24/7, we serve various locations in Delhi, including Green Park, Lajpat Nagar, Saket, and Hauz Khas near metro stations. For premium call girl services in Delhi 🔝 9953056974 🔝. Thank you for considering us!

CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE

9953056974 Low Rate Call Girls In Saket, Delhi NCR

Unlocking the Future of AI Agents with Large Language Models

aagamshah0812

+971565801893 Mtp-Kit (500MG) Prices » Dubai [(+971565801893**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Leen Whatsapp +971565801893 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971565801893''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971565801893' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Clinic in Abu Dhabi, United Arab Emirates.+971565801893

+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...

Health

Looking for an efficient way to manage your finances? Look no further than our money management app. With easy-to-use features, you can track your expenses, create budgets, and monitor your savings goals all in one place. Our app provides real-time updates on your spending habits and helps you make smarter financial decisions. Take control of your finances today with our user-friendly money management app.

Right Money Management App For Your Financial Goals

Jhone kinadey

Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf

kalichargn70th171

In the realm of real-time applications, Large Language Models (LLMs) have long dominated language-centric tasks, while tools like OpenCV have excelled in the visual domain. However, the future (maybe) lies in the fusion of LLMs and deep learning, giving birth to the revolutionary concept of Large Action Models (LAMs). Imagine a world where AI not only comprehends language but mimics human actions on technology interfaces. For example, the Rabbit r1 device presented at CES 2024, driven by an AI operating system and LAM, brings this vision to life. It executes complex commands, leveraging GUIs with unprecedented ease. In this presentation, join me on a journey as a software engineer tinkering with WebRTC, Janus, and LLM/LAMs. Together, we’ll evaluate the current state of these AI technologies, unraveling the potential they hold for shaping the future of real-time applications.

Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications

Alberto González Trastoy

Many specialized tools cater to distinct stages within the software development lifecycle (SDLC). These tools target various aspects of development, delivery, and operations, each with its unique strengths. Uniting these diverse testing needs into a single continuous testing platform presents several challenges. Such a platform must seamlessly integrate with various development tools and environments, accommodate different testing methodologies, and remain flexible to adapt to organizational processes and quality standards.

The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...

kalichargn70th171

A Secure and Reliable Document Management System is Essential.docx

ComplianceQuest1

8257 interfacing 2 in microprocessor for btech students

HimanshiGarg82

Azure Native Qumulo scales elastically for common High Performance Compute (HPC) workloads based on application requirements for: Financial Services, Automotive, Genomics / Life Sciences, Media and Entertainment, Energy, Oil and Gas, etc. Performance can be dialed UP (and back down) much higher than the examples shown here. These slides offer a glimpse into ANQ's HPC capabilities, although at a smaller scale. We invite YOU to do your own testing (with a free ANQ trial) and work with us to test your HPC workloads in Azure.

Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf

ryanfarris8

Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...

OnePlan Solutions

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live Booking Contact Details :- WhatsApp Chat :- [+91-9999965857 ] The Best Call Girls Delhi At Your Service Russian Call Girls Delhi Doing anything intimate with can be a wonderful way to unwind from life's stresses, while having some fun. These girls specialize in providing sexual pleasure that will satisfy your fetishes; from tease and seduce their clients to keeping it all confidential - these services are also available both install and outcall, making them great additions for parties or business events alike. Their expert sex skills include deep penetration, oral sex, cum eating and cum eating - always respecting your wishes as part of the experience (29-April-2024(PSS)

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live

Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure

HR Software Buyers Guide in 2024 - HRSoftware.com

Fatema Valibhai

Conference: Engage2024 in Antwerp Type: Workshop Speakers: Florian Vogler, Henning Kunz, Christoph Adler Title: Navigating the Future with The Hitchhiker's Guide to Notes and Domino 14 Abstract: Embark on an exhilarating journey with industry trailblazers Florian Vogler, Henning Kunz, and Christoph Adler in this not-to-be-missed workshop at the forefront of the tech universe. Get ready for a thrilling kick-off as we navigate the current state of the HCL universe, setting the stage for an exploration of the groundbreaking Notes and Domino 14. Discover the latest enhancements and revolutionary features that will redefine your experience. In this interactive session, unlock a treasure trove of tips and tricks to elevate your utilization of version 14, both with and without the game-changing panagenda MarvelClient. Brace yourself for also diving into Nomad, Nomad Web, and VoltMX, expanding your horizons in the expansive HCL landscape. Be a part of this exclusive opportunity to stay ahead in the ever-evolving world of HCL technologies. Your journey to mastering Notes and Domino 14 begins here. And remember, in the spirit of intergalactic exploration, don't forget to bring your towel!

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...

panagenda

In the past six months, the AI landscape has undergone a massive transformation, ushering in a new era of productivity with the latest in Large Language Models (LLMs) and AI technology. This deep dive unlocks how to: Create CustomGPT Models: No coding needed to tailor AI for your unique projects. Integrate your own data, including PDFs and Excel sheets, making information handling a breeze. Plus, discover how to call your own actions/integrations for even more personalized utility. Navigate Advanced Prompting: Overcome AI's memory limits and utilize Retrieval-Augmented Generation for accessing your personalized data, streamlining how you interact with AI. Stay Ahead with AI Trends: Peek into the evolving world of LLMs, featuring newcomers like Google Gemini, Anthropic Claude, Open Sora, and Twitter Grok, and understand what their advancements mean for your productivity. Witness Real-Life Transformations: Through examples and prompt demonstrations, see firsthand how these AI strategies revolutionize routine tasks, from data analysis to content creation. Learn to leverage image output and input for advanced practical use cases, adding a new dimension to your productivity toolkit. No previous coding or AI experience is needed for this talk. Stay ahead in the fast-evolving world of work. Embrace the AI revolution and transform your workflow with advanced LLM techniques. Join us to ensure you're not left behind in the productivity race.

AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques

VictorSzoltysek

Kürzlich hochgeladen (20)

Define the academic and professional writing..pdf

call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️

How To Troubleshoot Collaboration Apps for the Modern Connected Worker

Microsoft AI Transformation Partner Playbook.pdf

Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...

CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE

Unlocking the Future of AI Agents with Large Language Models

+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...

Right Money Management App For Your Financial Goals

Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf

Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications

The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...

A Secure and Reliable Document Management System is Essential.docx

8257 interfacing 2 in microprocessor for btech students

Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf

Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live

HR Software Buyers Guide in 2024 - HRSoftware.com

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...

AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques

The Art of Executing JavaScript by Akhil Mahendra

1. Team bi0s Amrita Center for Cybersecurity, Amritapuri The Art of Executing Javascript

2. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Akhil Mahendra ➢ Web application security enthusiast ➢ CTFer{@teambi0s} ➢ @Akhil_Mahendra About

3. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Introduction - XSS ➢ Types of XSS and different context ➢ Same Origin Policy ➢ Content Security Policy ➢ XSS via Angular JS Agenda

4. Team bi0s Amrita Center for Cybersecurity, Amritapuri Attack with a wrong name ? Introduction

5. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Still exists after 18 years ! ➢ NO.7 in OWASP top 10 2017 ➢ Most commonly reported security vulnerability Introduction

6. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Stealing user cookies ➢ Keylogger ➢ Deface website Introduction - Impact

7. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Reflected XSS ➢ Stored XSS ➢ DOM based XSS Types of XSS

8. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ HTML ➢ Attribute ➢ Script ➢ Style ➢ Url Different Context

9. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ User input comes inside HTML elements ○ <p>Injection</p> ➢ POC ○ <script>alert(1)</script> Different Context -html context

10. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ User input comes inside HTML attributes ○ <p class = ” Injection ”> </p> ○ <p Injection = ” test123 ”> </p> ➢ POC ○ " onmouseover="alert(1)"> ○ onmouseover="alert(1)" class Different Context -attribute context

11. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ User input comes inside <script> tags ○ <script> var a = ‘ Injection ‘; </script> ➢ POC ○ ‘;alert(1);// Different Context -script context

12. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ User input comes inside <script> tags ○ <p style “ color: injection ” > </p> ➢ POC ○ expression(alert(1)); Different Context -style context

13. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ User input comes inside <script> tags ○ <a href = ” injection ” > click </a> ➢ POC ○ javascript:alert(1) Different Context -url context

14. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Scripts on a page can make HTTP request and process responses between hosts that has the same: Protocol, Hostname, Port ➢ An IFRAME loaded cannot read or write data into the page unless it’s in the same origin ! SOP

15. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Still exists after 18 years ! ➢ NO.7 in OWASP top 10 2017 ➢ Most commonly reported security vulnerability SOP

16. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Introduced as a mechanism to mitigate code injection ➢ Directives defines: ○ From where and what content are allowed to load ○ In which context the content is allowed to execute ➢ It’s a mitigation not first line of defense! CSP

17. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Directives: ○ default-src ○ script-src ○ object-src ○ style-src ○ image-src ○ frame-src CSP - Directives

18. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Keywords: ○ ‘*’ ○ 'none' ○ 'self' ○ 'unsafe-inline' ○ 'unsafe-eval' CSP - Keywords

19. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ HTTP Headers ○ <?php header('Content-Security-Policy: default-src https://cdn.example.net; object-src 'none'"’);?> ➢ Meta tag in HTML ○ <meta http-equiv="Content-Security-Policy" content="default-src https://cdn.example.net; object-src 'none'"> CSP

20. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ unsafe-inline, unsafe-eval, data: ○ whole purpose of CSP is defeated ➢ Eg: default-src: ’self’;script-src: ‘unsafe-inline’ ○ Bypass : <script>alert(1)</script> CSP - Common mistakes

21. Team bi0s Amrita Center for Cybersecurity, Amritapuri CSP - Common mistakes

22. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Nonces: ○ Nonce must be a random string ○ Should not be reused ○ Should not be guessable CSP - Common mistakes

23. Team bi0s Amrita Center for Cybersecurity, Amritapuri ➢ Examples of bad nonce ○ Request 1- D29162F1B99108DDA2406C697FFAC27586F42C7D021669F01F720CEEACBB06F5 ○ Request 2- D29162F1B99108DDA2406C697FFAC27586F42C7D021669F01F720CEEACBB06F5 ○ e10adc3949ba59abbe56e057f20f883e - md5(123456) ○ 1231441 CSP - Common mistakes

24. Team bi0s Amrita Center for Cybersecurity, Amritapuri Demo

25. Team bi0s Amrita Center for Cybersecurity, Amritapuri CSP Bypass CSP - bypass

26. Team bi0s Amrita Center for Cybersecurity, Amritapuri Escaping the expression sandbox for XSS XSS via Angular JS

27. Team bi0s Amrita Center for Cybersecurity, Amritapuri Thanks @Akhil_Mahendra

The Art of Executing JavaScript by Akhil Mahendra

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie The Art of Executing JavaScript by Akhil Mahendra

Ähnlich wie The Art of Executing JavaScript by Akhil Mahendra (20)

Mehr von Cysinfo Cyber Security Community

Mehr von Cysinfo Cyber Security Community (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

The Art of Executing JavaScript by Akhil Mahendra