JSONP attack explained

preview_player
Показать описание
Hacking-Lab exercise

LiveCD
  1. e1EN-research
Рекомендации по теме
JSONP attack explained 0:13:26

JSONP attack explained

Understanding JSONP 0:14:52

Understanding JSONP

Understanding JSONP - 0:03:37

Understanding JSONP - JSON with padding

Same Origin Method 0:44:30

Same Origin Method Execution (SOME) - Exploiting a Callback for Same Origin Policy Bypass

From JSONP to 0:10:39

From JSONP to XSS persistence - Claudio Contin

JSON Web Token 0:06:30

JSON Web Token Hacking

What is JSONP, 0:03:52

What is JSONP, and why was it created?

Resource Sharing, JSONP 0:41:19

Resource Sharing, JSONP vs CORS

Abusing JSON Requests 0:08:23

Abusing JSON Requests to get XSS

JSON & JSONP 0:30:38

JSON & JSONP Tutorial ( Basic to Advance )

Software Engineering: Security 0:01:21

Software Engineering: Security using jsonp

Michele Spagnuolo 0:38:41

Michele Spagnuolo Abusing JSONP With Rosetta Flash

Brad Hill, 'HTML5 0:36:27

Brad Hill, 'HTML5 Security Realities' at W3Conf 2013

CORS in 100 0:02:31

CORS in 100 Seconds

AppSec EU15 - 0:38:41

AppSec EU15 - Michele Spagnuolo - Abusing JSONP With Rosetta Flash

Doctype - Episode 0:10:02

Doctype - Episode 17 - JSONP & CSS Selectors (Part 1 of 2)

Andrew Curioso - 0:49:47

Andrew Curioso - Developing an API

JSON injection - 0:02:06

JSON injection - CompTIA CySA+ CS0-003 1.26

Same Origin Method 0:44:30

Same Origin Method Execution SOME Exploiting a Callback for Same Origin Policy Bypass

JavaScript : Is 0:01:34

JavaScript : Is JSON Hijacking still an issue in modern browsers?

'JWAT.... Attacking JSON 0:50:12

'JWAT.... Attacking JSON Web Tokens' - Louis

JSON to XXE 0:04:26

JSON to XXE Blind - hpAndro Vulnerable Application Challenge

024 Client Side 0:02:06

024 Client Side Attacks

Part 2/2 - 0:23:42

Part 2/2 - JavaScript JSONP API to fetch data from cross domain (Elements of Dynamic Web Design)

Комментарии
Автор

Very interesting video. Thanks for sharing.

Got a question, though. Why is it possible to retrieve the JavaScript contents from the JSONP endpoint, even though CORS ACAO header is present and properly configured? Shouldn't this dynamic JS loading be blocked by SOP, or are there any exceptions to specific Content-Types that are allowed through SOP?

machne
Автор

Thank you for covering this topic. So even if we load the script using <script src=""> and server has ACAO header whitelisted with a domain, wouldn't that block the request? i understand JSONP endpoint would respond with a function but does that still gets processed even though ACAO header is there? Is it only true for a file which responds with i guess.

testaccount
Автор

We need to host the request catcher too right ??

marvelmaniac_