Website Security Topics :: Jeremiah Grossman Blog
Vote Now! Top Ten Web Hacking Techniques of 2011
February 14, 2012
Every year the Web security community produces a stunning number of new hacking techniques, published in white papers, blog posts, magazine articles, mailing list emails, etc. Within those thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and so on. Beyond individual vulnerability instances with CVE numbers or system compromises, we’re talking about genuinely new and creative methods of Web-based attack. The Top Ten Web Hacking Techniques list encourages information sharing, provides a centralized knowledge-base, and recognizes researchers who contribute excellent work.
How the winners are selected…
Phase 1: Open community voting (Ballot)
From the field of 50 total entries received, listed below, each voter (voting is open to everyone) ranks their fifteen favorite Web Hacking Techniques using a survey. Each entry (listed alphabetically) gets a certain number of points depending on how highly it is ranked on each ballot: the entry in position #1 receives 15 points, position #2 gets 14 points, position #3 gets 13 points, and so on down to 1 point for position #15. At the end, all points from all ballots are tabulated to determine the top fifteen overall. And NO selecting the same attack multiple times! (Such ballots will be deleted.)
Voting will close at the end of the day this Monday, February 20.
The more people who vote, the better the results! Vote Now!
Phase 2: Panel of Security Experts
From the results of the open community voting, the top fifteen Web Hacking Techniques will be voted upon by a panel of security experts (to be announced soon). Using the exact same voting process as Phase 1, the judges will rank the final fifteen based on novelty, impact, and overall pervasiveness. Once tabulation is complete, we’ll have the Top Ten Web Hacking Techniques of 2011!
Voting will close at the end of the day on Sunday, February 26.
Soon after, the winners will be announced!
Good luck everyone.
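As an added example (not code from the original post, and not the survey tool it used), here is how the tally described in Phases 1 and 2 can be computed: position #1 on a ballot earns 15 points down to 1 point for position #15, ballots that name the same attack more than once are discarded, and the totals are sorted to produce the shortlist. The entry titles and ballots are a constructed sample; that a ballot may rank fewer than fifteen entries, that entries not on the list invalidate a ballot, and that ties are broken alphabetically are assumptions, since the post does not say.

```python
"""Point-based tally for ranked ballots, as described in the post.

Constructed example: position #1 on a ballot earns 15 points, #2 earns 14,
... #15 earns 1. A ballot that selects the same attack more than once is
discarded, as the post says it will be. Accepting ballots shorter than
fifteen entries, rejecting unknown titles and alphabetical tie-breaking are
assumptions not stated in the post.
"""
from collections import Counter

RANKED_SLOTS = 15  # each voter ranks up to fifteen entries


def points_for_position(position: int, ranked_slots: int = RANKED_SLOTS) -> int:
    """Position 1 -> 15 points, position 2 -> 14, ..., position 15 -> 1."""
    if not 1 <= position <= ranked_slots:
        raise ValueError(f"position {position} outside 1..{ranked_slots}")
    return ranked_slots - position + 1


def validate_ballot(ballot, entries, ranked_slots=RANKED_SLOTS):
    """Return None for a valid ballot, otherwise the reason it is rejected."""
    if len(ballot) > ranked_slots:
        return "too many selections"
    if len(set(ballot)) != len(ballot):
        return "duplicate selection"  # same attack selected multiple times
    unknown = [title for title in ballot if title not in entries]
    if unknown:
        return f"unknown entry: {unknown[0]}"
    return None


def tabulate(ballots, entries, ranked_slots=RANKED_SLOTS, shortlist=15):
    """Sum points over all valid ballots and return (ranking, rejected).

    ranking: list of (title, points), highest first; ties broken
    alphabetically so the result is deterministic (assumption).
    rejected: list of (ballot_index, reason) for discarded ballots.
    """
    totals = Counter()
    rejected = []
    for index, ballot in enumerate(ballots):
        reason = validate_ballot(ballot, entries, ranked_slots)
        if reason is not None:
            rejected.append((index, reason))
            continue
        for position, title in enumerate(ballot, start=1):
            totals[title] += points_for_position(position, ranked_slots)
    ranking = sorted(totals.items(), key=lambda item: (-item[1], item[0]))
    return ranking[:shortlist], rejected


# Constructed sample: three titles from the list below and four ballots.
SAMPLE_ENTRIES = {
    "CSRF: Flash + 307 redirect = Game Over",
    "Expression Language Injection",
    "Session Puzzling (aka Session Variable Overloading)",
}
SAMPLE_BALLOTS = [
    ["Expression Language Injection",
     "CSRF: Flash + 307 redirect = Game Over",
     "Session Puzzling (aka Session Variable Overloading)"],
    ["CSRF: Flash + 307 redirect = Game Over",
     "Expression Language Injection"],
    ["Expression Language Injection", "Expression Language Injection"],  # duplicate
    ["Expression Language Injection", "Not an entry on the list"],      # unknown title
]


def run_sample():
    """Tally the constructed ballots; two of the four are rejected."""
    return tabulate(SAMPLE_BALLOTS, SAMPLE_ENTRIES)


if __name__ == "__main__":
    ranking, rejected = run_sample()
    for title, points in ranking:
        print(f"{points:3d}  {title}")
    for index, reason in rejected:
        print(f"ballot {index} rejected: {reason}")
```

The same `tabulate` call serves Phase 2: feed it the judges' ballots with the fifteen shortlisted titles as `entries` and `shortlist=10`, which is exactly the "same voting process" the post describes for the panel.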
The Big List:
- Abusing Flash-Proxies for client-side cross-domain HTTP requests [slides]
- Abusing HTTP Status Codes to Expose Private Information
- Bypassing Chrome’s Anti-XSS filter
- Bypassing Flash’s local-with-filesystem Sandbox
- CAPTCHA Hax With TesserCap
- CSRF with JSON – leveraging XHR and CORS
- CSRF: Flash + 307 redirect = Game Over
- Cross domain content extraction with fake captcha
- Crowd-sourcing mischief on Google Maps leads customers astray
- DNS poisoning via Port Exhaustion
- DOMinator – Finding DOMXSS with dynamic taint propagation
- Double eval() for DOM based XSS
- Drag and Drop XSS in Firefox by HTML5 (Cross Domain in frames)
- Excel formula injection in Google Docs
- Exploitation of “Self-Only” Cross-Site Scripting in Google Code
- Exploiting the unexploitable XSS with clickjacking
- Expression Language Injection
- Facebook: Memorializing a User
- Filejacking: How to make a file server from your browser (with HTML5 of course)
- Google Chrome/ChromeOS sandbox side step via owning extensions
- HOW TO: Spy on the Webcams of Your Website Visitors
- Hidden XSS Attacking the Desktop & Mobile Platforms
- How To Own Every User On A Social Networking Site
- How to get SQL query contents from SQL injection flaw
- How to upload arbitrary file contents cross-domain (2)
- JSON-based XSS exploitation
- Java Applet Same-Origin Policy Bypass via HTTP Redirect
- Kindle Touch (5.0) Jailbreak/Root and SSH
- Launch any file path from web page
- Lotus Notes Formula Injection
- Multiple vulnerabilities in Apache Struts2 and property oriented programming with Java
- NULLs in entities in Firefox
- Rapid history extraction through non-destructive cache timing (v8)
- Session Puzzling (aka Session Variable Overloading) Video 1, 2, 3, 4
- SpyTunes: Find out what iTunes music someone else has
- Stealth Cookie Stealing (new XSS technique)
- Stripping Referrer for fun and profit
- SurveyMonkey: IP Spoofing
- Temporal Session Race Conditions Video 2
- Text-based CAPTCHA Strengths and Weaknesses
- The Failure of Noise-Based Non-Continuous Audio Captchas
- Timing Attacks on CSS Shaders
- Tracking users that block cookies with a HTTP redirect
- Using Cross-domain images in WebGL and Chrome 13
- XSS in Skype for iOS
- XSS-Track as a HTML5 WebSockets traffic sniffer