![]() In most browsers this doesn’t work anymore. SetTimeout("soundcloud_addlogin()", 5000) Back in the day, you could just do something like this and it would hide the window. It would be better if when we popped up the window, we hid it. In the OAuth examples I just popped up a window. This is probably the last one (yeah, finally – I’m sick of talking about CSRF too) then I’ll hopefully post the whole talk finally :) Hiding the CSRF with a popunder The 2013BH tag links to all posts related to my recent Blackhat EU talk I gave in March. There are probably a lot of techniques here, but there are two options I explored, using a popunder, and just making the window jump around/hard to close. How do we CSRF things that have X-Frame-Options enabled so we can’t use frames? We can always open a window, but a big popup isn’t really ideal. With some of the OAuth attacks from the last few posts, the identity providers did all in fact enable x-frame-options. With OAuth, protecting against UI redressing is even in the spec, so just creating a frame to do all your sneaky stuff won’t really work. X-Frame-Options is becoming more and more common.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |