Browser Hacker's Handbook [Paperback]

  • Format: Paperback / softback, 656 pages, height x width x thickness: 234x185x36 mm, weight: 1111 g
  • Publication date: 08-Apr-2014
  • Publisher: John Wiley & Sons Inc
  • ISBN-10: 1118662091
  • ISBN-13: 9781118662090

Hackers exploit browser vulnerabilities to attack deep within networks

The Browser Hacker's Handbook gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods.

The web browser has become the most popular and widely used computer "program" in the world. As the gateway to the Internet, it is part of the storefront to any business that operates online, but it is also one of the most vulnerable entry points of any system. With attacks on the rise, companies are increasingly employing browser-hardening techniques to protect the unique vulnerabilities inherent in all currently used browsers. The Browser Hacker's Handbook thoroughly covers complex security issues and explores relevant topics such as:

  • Bypassing the Same Origin Policy
  • ARP spoofing, social engineering, and phishing to access browsers
  • DNS tunneling, attacking web applications, and proxying—all from the browser
  • Exploiting the browser and its ecosystem (plugins and extensions)
  • Cross-origin attacks, including Inter-protocol Communication and Exploitation

The Browser Hacker's Handbook is written with a professional security engagement in mind. Leveraging browsers as pivot points into a target's network should form an integral component of any social engineering or red-team security assessment. This handbook provides a complete methodology to understand and structure your next browser penetration test.

Introduction

Chapter 1 Web Browser Security
  • A Principal Principle
  • Exploring the Browser
  • Symbiosis with the Web Application
  • Same Origin Policy
  • HTTP Headers
  • Markup Languages
  • Cascading Style Sheets
  • Scripting
  • Document Object Model
  • Rendering Engines
  • Geolocation
  • Web Storage
  • Cross-origin Resource Sharing
  • HTML5
  • Vulnerabilities
  • Evolutionary Pressures
  • HTTP Headers
  • Reflected XSS Filtering
  • Sandboxing
  • Anti-phishing and Anti-malware
  • Mixed Content
  • Core Security Problems
  • Attack Surface
  • Surrendering Control
  • TCP Protocol Control
  • Encrypted Communication
  • Same Origin Policy
  • Fallacies
  • Browser Hacking Methodology
  • Summary
  • Questions
  • Notes

Chapter 2 Initiating Control
  • Understanding Control Initiation
  • Control Initiation Techniques
  • Using Cross-site Scripting Attacks
  • Using Compromised Web Applications
  • Using Advertising Networks
  • Using Social Engineering Attacks
  • Using Man-in-the-Middle Attacks
  • Summary
  • Questions
  • Notes

Chapter 3 Retaining Control
  • Understanding Control Retention
  • Exploring Communication Techniques
  • Using XMLHttpRequest Polling
  • Using Cross-origin Resource Sharing
  • Using WebSocket Communication
  • Using Messaging Communication
  • Using DNS Tunnel Communication
  • Exploring Persistence Techniques
  • Using IFrames
  • Using Browser Events
  • Using Pop-Under Windows
  • Using Man-in-the-Browser Attacks
  • Evading Detection
  • Evasion using Encoding
  • Evasion using Obfuscation
  • Summary
  • Questions
  • Notes

Chapter 4 Bypassing the Same Origin Policy
  • Understanding the Same Origin Policy
  • Understanding the SOP with the DOM
  • Understanding the SOP with CORS
  • Understanding the SOP with Plugins
  • Understanding the SOP with UI Redressing
  • Understanding the SOP with Browser History
  • Exploring SOP Bypasses
  • Bypassing SOP in Java
  • Bypassing SOP in Adobe Reader
  • Bypassing SOP in Adobe Flash
  • Bypassing SOP in Silverlight
  • Bypassing SOP in Internet Explorer
  • Bypassing SOP in Safari
  • Bypassing SOP in Firefox
  • Bypassing SOP in Opera
  • Bypassing SOP in Cloud Storage
  • Bypassing SOP in CORS
  • Exploiting SOP Bypasses
  • Proxying Requests
  • Exploiting UI Redressing Attacks
  • Exploiting Browser History
  • Summary
  • Questions
  • Notes

Chapter 5 Attacking Users
  • Defacing Content
  • Capturing User Input
  • Using Focus Events
  • Using Keyboard Events
  • Using Mouse and Pointer Events
  • Using Form Events
  • Using IFrame Key Logging
  • Social Engineering
  • Using TabNabbing
  • Using the Fullscreen
  • Abusing UI Expectations
  • Using Signed Java Applets
  • Privacy Attacks
  • Non-cookie Session Tracking
  • Bypassing Anonymization
  • Attacking Password Managers
  • Controlling the Webcam and Microphone
  • Summary
  • Questions
  • Notes

Chapter 6 Attacking Browsers
  • Fingerprinting Browsers
  • Fingerprinting using HTTP Headers
  • Fingerprinting using DOM Properties
  • Fingerprinting using Software Bugs
  • Fingerprinting using Quirks
  • Bypassing Cookie Protections
  • Understanding the Structure
  • Understanding Attributes
  • Bypassing Path Attribute Restrictions
  • Overflowing the Cookie Jar
  • Using Cookies for Tracking
  • Sidejacking Attacks
  • Bypassing HTTPS
  • Downgrading HTTPS to HTTP
  • Attacking Certificates
  • Attacking the SSL/TLS Layer
  • Abusing Schemes
  • Abusing iOS
  • Abusing the Samsung Galaxy
  • Attacking JavaScript
  • Attacking Encryption in JavaScript
  • JavaScript and Heap Exploitation
  • Getting Shells using Metasploit
  • Getting Started with Metasploit
  • Choosing the Exploit
  • Executing a Single Exploit
  • Using Browser Autopwn
  • Using BeEF with Metasploit
  • Summary
  • Questions
  • Notes

Chapter 7 Attacking Extensions
  • Understanding Extension Anatomy
  • How Extensions Differ from Plugins
  • How Extensions Differ from Add-ons
  • Exploring Privileges
  • Understanding Firefox Extensions
  • Understanding Chrome Extensions
  • Discussing Internet Explorer Extensions
  • Fingerprinting Extensions
  • Fingerprinting using HTTP Headers
  • Fingerprinting using the DOM
  • Fingerprinting using the Manifest
  • Attacking Extensions
  • Impersonating Extensions
  • Cross-context Scripting
  • Achieving OS Command Execution
  • Achieving OS Command Injection
  • Summary
  • Questions
  • Notes

Chapter 8 Attacking Plugins
  • Understanding Plugin Anatomy
  • How Plugins Differ from Extensions
  • How Plugins Differ from Standard Programs
  • Calling Plugins
  • How Plugins are Blocked
  • Fingerprinting Plugins
  • Detecting Plugins
  • Automatic Plugin Detection
  • Detecting Plugins in BeEF
  • Attacking Plugins
  • Bypassing Click to Play
  • Attacking Java
  • Attacking Flash
  • Attacking ActiveX Controls
  • Attacking PDF Readers
  • Attacking Media Plugins
  • Summary
  • Questions
  • Notes

Chapter 9 Attacking Web Applications
  • Sending Cross-origin Requests
  • Enumerating Cross-origin Quirks
  • Preflight Requests
  • Implications
  • Cross-origin Web Application Detection
  • Discovering Intranet Device IP Addresses
  • Enumerating Internal Domain Names
  • Cross-origin Web Application Fingerprinting
  • Requesting Known Resources
  • Cross-origin Authentication Detection
  • Exploiting Cross-site Request Forgery
  • Understanding Cross-site Request Forgery
  • Attacking Password Reset with XSRF
  • Using CSRF Tokens for Protection
  • Cross-origin Resource Detection
  • Cross-origin Web Application Vulnerability Detection
  • SQL Injection Vulnerabilities
  • Detecting Cross-site Scripting Vulnerabilities
  • Proxying through the Browser
  • Browsing through a Browser
  • Burp through a Browser
  • Sqlmap through a Browser
  • Browser through Flash
  • Launching Denial-of-Service Attacks
  • Web Application Pinch Points
  • DDoS Using Multiple Hooked Browsers
  • Launching Web Application Exploits
  • Cross-origin DNS Hijack
  • Cross-origin JBoss JMX Remote Command Execution
  • Cross-origin GlassFish Remote Command Execution
  • Cross-origin m0n0wall Remote Command Execution
  • Cross-origin Embedded Device Command Execution
  • Summary
  • Questions
  • Notes

Chapter 10 Attacking Networks
  • Identifying Targets
  • Identifying the Hooked Browser's Internal IP
  • Identifying the Hooked Browser's Subnet
  • Ping Sweeping
  • Ping Sweeping using XMLHttpRequest
  • Ping Sweeping using Java
  • Port Scanning
  • Bypassing Port Banning
  • Port Scanning using the IMG Tag
  • Distributed Port Scanning
  • Fingerprinting Non-HTTP Services
  • Attacking Non-HTTP Services
  • NAT Pinning
  • Achieving Inter-protocol Communication
  • Achieving Inter-protocol Exploitation
  • Getting Shells using BeEF Bind
  • The BeEF Bind Shellcode
  • Using BeEF Bind in your Exploits
  • Using BeEF Bind as a Web Shell
  • Summary
  • Questions
  • Notes

Chapter 11 Epilogue: Final Thoughts

Index

WADE ALCORN is the creator of the BeEF open source browser exploitation framework, among toolswatch.org's top 10 security tools.

CHRISTIAN FRICHOT is a lead developer of BeEF, as well as a leader of the Perth Open Web Application Security Project.

MICHELE ORRÙ is the lead core developer of BeEF, as well as a vulnerability researcher and social engineer.