Hackers of India

Top 10 Web 2.0 Attacks and Exploits

 Shreeraj Shah 

2010/07/01

Abstract

We are in the era of Web 2.0 and new technologies like Ajax, Flex, Silverlight and SOA are reshaping the Internet landscape. We are witnessing new exploits and hacking methodologies in this new era. Following Web 2.0 exploits and hacking techniques will be discussed with demonstrations and cases

1.Blind SQL injection with JSON 2.Cross Widget exploits 3.One way CSRF attacks with XML 4.Asynchronous SQL poisoning 5.Ajax exploits for browser hijacking 6.DOM based Exploits with JavaScripts 7.SOAP attacks with XPATH 8.Hacking RSS feeds with payloads 9.Authorization bypass with Web 2.0 10.Cross Domain hacks and exploits

During this talk new tools, methodologies and countermeasures will be covered for securing Web 2.0 applications. Web 2.0 exploits can lead to complete application control, logical application hijacking and remote access to end user’s browser.