What’s new in web hacking techniques of 2008

Posted by c4pr1c3 on January 29, 2009

The original article is here. It is a very good summary of the latest web hacking techniques. What does web hacking mean? XSS? SQL injection? Actually, many more new web hacking techniques emerged in the last year. Some of them are somewhat freakish, and some target a specific application context. Below is a list of these web hacking techniques of 2008.

  1. Cross-Site Printing
  2. CUPS Detection
  3. CSRFing the uTorrent plugin
  4. Clickjacking / Videojacking
  5. Bypassing URL Authentication and Authorization with HTTP Verb Tampering
  6. I used to know what you watched, on YouTube (CSRF + Crossdomain.xml)
  7. Safari Carpet Bomb
  8. Flash clipboard Hijack
  9. Flash Internet Explorer security model bug
  10. Frame Injection Fun
  11. Free MacWorld Platinum Pass? Yes in 2008!
  12. Diminutive Worm, 161 byte Web Worm
  13. SNMP XSS Attack (1)
  14. Res Timing File Enumeration Without JavaScript in IE7.0
  15. Stealing Basic Auth with Persistent XSS
  16. Smuggling SMTP through open HTTP proxies
  17. Collecting Lots of Free ‘Micro-Deposits’
  18. Using your browser URL history to estimate gender
  19. Cross-site File Upload Attacks
  20. Same Origin Bypassing Using Image Dimensions
  21. HTTP Proxies Bypass Firewalls
  22. Join a Religion Via CSRF
  23. Cross-domain leaks of site logins via Authenticated CSS
  24. JavaScript Global Namespace Pollution
  25. GIFAR
  26. HTML/CSS Injections – Primitive Malicious Code
  27. Hacking Intranets Through Web Interfaces
  28. Cookie Path Traversal
  29. Racing to downgrade users to cookie-less authentication
  30. MySQL and SQL Column Truncation Vulnerabilities
  31. Building Subversive File Sharing With Client Side Applications
  32. Firefox XML injection into parse of remote XML
  33. Firefox cross-domain information theft (simple text strings, some CSV)
  34. Firefox 2 and WebKit nightly cross-domain image theft
  35. Browser’s Ghost Busters
  36. Exploiting XSS vulnerabilities on cookies
  37. Breaking Google Gears’ Cross-Origin Communication Model
  38. Flash Parameter Injection
  39. Cross Environment Hopping
  40. Exploiting Logged Out XSS Vulnerabilities
  41. Exploiting CSRF Protected XSS
  42. ActiveX Repurposing, (1, 2)
  43. Tunneling tcp over http over sql-injection
  44. Arbitrary TCP over uploaded pages
  45. Local DoS on CUPS to a remote exploit via specially-crafted webpage (1)
  46. JavaScript Code Flow Manipulation
  47. Common localhost dns misconfiguration can lead to “same site” scripting
  48. Pulling system32 out over blind SQL Injection
  49. Dialog Spoofing – Firefox Basic Authentication
  50. Skype cross-zone scripting vulnerability
  51. Safari pwns Internet Explorer
  52. IE “Print Table of Links” Cross-Zone Scripting Vulnerability
  53. A different Opera
  54. Abusing HTML 5 Structured Client-side Storage
  55. SSID Script Injection
  56. DHCP Script Injection
  57. [File Download Injection](http://www.aspectsecurity.com/documents/Aspect_File_Download_Injection.pdf)
  58. [Navigation Hijacking (Frame/Tab Injection Attacks)](http://www.gnucitizen.org/blog/hijacking-innocent-frames/)
  59. [UPnP Hacking via Flash](http://www.gnucitizen.org/blog/hacking-the-interwebs/)
  60. [Total surveillance made easy with VoIP phone](http://www.gnucitizen.org/projects/total-surveillance-made-easy-with-voip-phones/)
  61. [Social Networks Evil Twin Attacks](http://www.gnucitizen.org/blog/social-networks-evil-twin-attacks/)
  62. [Recursive File Include DoS](http://websecurity.com.ua/2047/)
  63. [Multi-pass filters bypass](http://websecurity.com.ua/2115/)
  64. [Session Extending](http://websecurity.com.ua/2233/)
  65. [Code Execution via XSS](http://securityvulns.ru/Udocument911.html) ([1](http://securityvulns.ru/Udocument941.html))
  66. [Redirector’s hell](http://websecurity.com.ua/2670/)
  67. [Persistent SQL Injection](http://securityvulns.ru/Vdocument24.html)
  68. [JSON Hijacking with UTF-7](http://powerofcommunity.net/poc2008/hasegawa.pptx)
  69. [SQL Smuggling](http://www.comsecglobal.com/FrameWork/Upload/SQL_Smuggling.pdf)
  70. [Abusing PHP Sockets](http://www.secforce.co.uk/media/presentations/OWASP_Abusing_PHP_sockets.pdf) ([1](http://www.secforce.co.uk/media/tools/socket_attack.zip), [2](http://www.secforce.co.uk/media/demos/PHP_socket_hijacking_demo.html))
  71. [CSRF on Novell GroupWise WebAccess](http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-21)