WebApp Sec mailing list archives

New Whitepaper - "Second-order Code Injection Attacks"


From: "WebAppSecurity [Technicalinfo.net]" <webappsec () technicalinfo net>
Date: Mon, 1 Nov 2004 19:25:30 -0000

Hi List,

Figured some of you may be interested in my new whitepaper - "Second-order
Code Injection Attacks"

The paper is available from:
http://www.nextgenss.com/papers/SecondOrderCodeInjection.pdf

Abstract:
"Many forms of code injection targeted at web-based applications (for
instance cross-site scripting and SQL injection) rely upon the instantaneous
execution of the embedded code to carry out the attack (e.g. stealing a
user's current session information or executing a modified SQL query).  In
some cases it may be possible for an attacker to inject their malicious code
into a data storage area that may be executed at a later date or time.
Depending upon the nature of the application and the way the malicious data
is stored or rendered, the attacker may be able to conduct a second-order
code injection attack.

A second-order code injection attack can be classified as the process in
which malicious code is injected into a web-based application and not
immediately executed, but instead is stored by the application (e.g.
temporarily cached, logged, stored in a database) and then later retrieved,
rendered and executed by the victim."

Cheers,

Gunter

