Souphiane Bensalim, David Klein, Thomas Barber, Martin Johns
Proceedings of the 14th European Workshop on Systems Security, published 2021-04-26. DOI: 10.1145/3447852.3458718 (https://doi.org/10.1145/3447852.3458718)
Talking About My Generation: Targeted DOM-based XSS Exploit Generation using Dynamic Data Flow Analysis
Since the invention of JavaScript 25 years ago, website functionality has been continuously shifting from the server-side to the client-side. Web browsers have evolved into an application platform, and HTML5 emerged as a first-class environment for building rich cross-platform applications. This additional functionality on the client-side comes with the added risk of new security issues with increasingly severe consequences. In this work, we investigate the prevalence of DOM-based Cross-Site Scripting (DOM-based XSS) in the top 100,000 most popular websites using a novel targeted exploit generation technique based on dynamic data-flow tracking. In total, this work finds 15,710 potentially insecure dataflows where information from the URL is injected into the HTML of the Web page. Using large-scale exploit generation and validation services, 7199 of these flows lead to JavaScript execution, across 711 different domains. This represents a successful exploit rate of 45.82%, improving on previous methods by factors of 1.8 and 1.9 respectively.