The Linkedin.com security team released a patch after receiving our DOMinatorPro Enterprise analysis report.
Update: the fix was actually deployed before the fix notification reached us. It was made in less than ten days.
DOMinatorPro Enterprise is effective at finding exploitable JavaScript security issues in complex JavaScript web applications. The PDF report below describes the discovery of a new DOMXSS (https://www.owasp.org/index.php/DOM_Based_XSS) issue in one of the major social media websites, Linkedin.com.
Linkedin.com DOMXSS Full PDF Report:
New improvements make DOMinatorPro Enterprise even more powerful!
DOMinatorPro Enterprise has new and improved features that make the discovery and exploitation of such complex issues much easier:
- “Smart Fuzzer”. The DOMinatorPro Enterprise fuzzer is smarter: it collects actionable parameters and fills them with the values that the JavaScript source code itself expects.
- Third Generation Exploitability Check. DOMinatorPro Enterprise not only follows string manipulation functions and checks how many times encoding or decoding functions are called; it also understands which meta-characters are allowed through to the sink. This takes exploitability analysis one step further.
Linkedin.com is #9 in the Alexa website ranking and has more than 300 million users (http://blog.linkedin.com/2014/04/18/the-next-three-billion/), making it the world's largest professional network.
This is not the first time that we at Minded Security have written on this blog about JavaScript vulnerabilities in social network code, with the aim of protecting internet users. We have already discussed vulnerabilities affecting the following social network websites:
- Twitter - http://blog.mindedsecurity.com/2010/09/twitter-domxss-wrong-fix-and-something.html
- Google Plus (Google Plus One Button) - http://blog.mindedsecurity.com/2012/11/dom-xss-on-google-plus-one-button.html
- Facebook +AddThis Like Button - http://blog.mindedsecurity.com/2012/09/analysis-of-dom-xss-vulnerability-in.html
JavaScript security is very important, even more so in portals where users store their personal data. Attackers can target those portals to find and exploit high-risk JavaScript vulnerabilities such as DOMXSS in order to perform the following attacks:
- De-anonymize user identities. By abusing a DOMXSS on a website such as a social media portal, attackers can instantly learn the identity of their web visitors.
- Private information stealing. Reading information from the user's page and sending it to the attacker (e.g. private messages).
- Account takeover. Session hijacking, credential stealing, or performing actions on behalf of the user.
- Wormable pandemic. These vulnerabilities let attackers create JavaScript worms that could spread malicious content among millions of users.