security,web , What damage can a website do?


What damage can a website do?

Question:

Tag: security,web

Now and then I (accidentally) come across websites that my anti-virus warns me about. Out of curiosity, what kind of damage can a website do?

I've been working in web development for around 4 years now and can't think of any 'genuine' damage worth warning the user about. Maybe I'm missing something obvious, but surely browsers and basic security measures implemented by main operating systems prevent anything particularly invasive going on?

I'm talking about threats aside from anything deceptive by the way (phishing etc.). Could taxing the browser enough warrant an anti-virus warning (i.e. overload a page with resource-draining javascript)? Typically, cookies, caches and localstorage all have limits - so I can't think of what could go on there.

I suspect this may be slightly off-topic, as it's less technically specific than what I'd usually ask. I'll happily delete it if this is the case.


Answer:

The main risk is encountering a drive-by download.

A drive-by download isn't necessarily a file download in the usual sense, it could be a browser exploit that allows executable code to download and execute on your system (known as the payload).

One example is the Microsoft Internet Explorer colspan Element Processing Arbitrary Code Execution Vulnerability:

Microsoft Internet Explorer contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.

The vulnerability is due to improper processing of elements in web pages. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to view a malicious website. If successful, the attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the user.

The vulnerability is due to improper handling of constantly changed colspan in a fixed table layout. If colspan could be increased after initialization, it could trigger a heap-based buffer overflow.

However, more recent exploits exist such as this one this year (2015) in Flash Player:

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors

Another attack vector from a website could be exploitation of a cross domain attack such as Cross Site Request Forgery. Such a malicious site could be making background requests to other sites you're logged into. For example, it might be making AJAX requests to https://facebook.com/delete_account (made up URL path), and as you're logged into Facebook your browser will pass cookies and the action would be triggered. That is, if Facebook did not have CSRF protection for the delete account function (I'm pretty sure it does though).

Another example of a cross domain attack is that the site may be trying to exploit any XSS flaw on another site you use. It could redirect you another site and capture your credentials as you log in, or it could do something more sneaky like request a site in the background and grab your session cookie. This requires the target site to contain such an XSS flaw however.


Related:


Android encryption and decryption of text fails


android,security,encryption,encryption-symmetric
I try to encrypt some text (here it is named code) and decrypt it again. For this i use a 4 digit Pin which is salted. After this the text is encrypted, also again some Base64 decoding, so i can safely output the String again. As i understand i have...

Run Golang as www-data


security,go
When I run a Node HTTP server app I usually call a custom function function runAsWWW() { try { process.setgid('www-data'); process.setuid('www-data'); } catch (err) { console.error('Cowardly refusal to keep the process alive as root.'); process.exit(1); } } from server.listen(8080,'localhost',null,runAsWWW); so the server is actually running as the www-data user to...

Spring service and Spring web app in one


spring,web-services,rest,spring-mvc,web
I'm making a Spring RESTFUL service and i wonder. Can I make a Spring RESTFUL service combine with a web app in a project. If it is possible, how to configure it? ....

how to compare only date from a model's datetimefield with current date?


python,linux,django,web,frameworks
I want to use Model.objects.filter(datetime_lte=datetime.datetime.now.date()) How exactly can I achieve this? I am using django 1.6.5. I want only records of current date. This will give all previous day's records also

Role concept in the authorization


java,security,authorization
I'm writing the following public interface SecurityService{ public Error tryLogin(String usr, String psw); public String getRoleCurrentUser(); //Attention here } and of course, there will be a couple implementations. For instance, now I have public SpringSecurityService{ @Autowired AuthenticationManager authenticationManager; public Error tryLogin(String usr, String psw){ //Implementation here } public String getRoleCurrentUser(){...

How can i make these tabs Responsive


javascript,html,css,web
When I open the site on a mobile then last tab merge with others tabs, and last tab will have a linebreak. But I am not expert in media Query in CSS3. How do I apply this code, if there is some other way then mine give your best solution...

User process can't see global shared memory created by service


c++,windows,security,winapi,memory-mapped-files
I have a Windows service (running in the system process) and a desktop application that need to share a configuration structure. The data originates in the app, but the user process doesn't have permission to create a global memory object so I create it when the service starts using CreateFileMapping()...

Protect images download theory


javascript,html5,image,security
I am a full-time developer but am building a site for my photography hobby. I dont want people to download my images and besides the usual procedures (disable right click, block hotlinks to my images etc.) i was thinking about a solution which would work 99% of the time. The...

Code fails for decrypting without salt or iv in Java


java,security,encryption,aes,password-encryption
I have a ciphertext and a 256-bit key to decrypt it, using AES. There is no salt or iv. I am using Java. I have implemented many of the solutions online, but they all use salts and input vectors. The following builds fine, but fails at runtime: "Salt not found."...

Securing JWT tokens in a AJAX call


security,jwt
Say site A has a piece of javascript that does an ajax call to an endpoint on site B. Site A uses a JWT generated from site B to authenticate the requests. Wouldn't a user be able to get the JWT, simply by inspecting (e.g Chrome) the request and it's...

Converting a ruby structure to a hash


ruby-on-rails,ruby,soap,web,savon
I've got a bit of a headache here - I'm pretty new to Ruby... I've got a structure like so returned from Savon... { :item => [{ :key => "result", :value=> "success" }, { :key => "data", :value=> { :item => [{ :key => "displayName", :value => "Matt" }, {...

Reverse ^ operator for decryption


c,algorithm,security,math,encryption
I'm trying to reverse the following code in order to provide a function which takes the buffer and decrypts it. void crypt_buffer(unsigned char *buffer, size_t size, char *key) { size_t i; int j; j = 0; for(i = 0; i < size; i++) { if(j >= KEY_SIZE) j = 0;...

Getting “format not a string literal and no format arguments” warning while using GTK+2


c,security,gcc,gtk,gcc-warning
I am getting an error like this: warning: format not a string literal and no format arguments [-Wformat-security] GTK_BUTTONS_OK, (const gchar*)message); ^ because of this function: static void show_message (gchar *message, GtkMessageType type) { GtkWidget *dialog = gtk_message_dialog_new(NULL, 0, type, GTK_BUTTONS_OK, message); gtk_dialog_run(GTK_DIALOG(dialog)); gtk_widget_destroy(dialog); } How can I fix it?...

Is client-side java intrinsically less secure than javascript?


java,javascript,security
Much has been made of a series of bugs and exploits on client side java, leading to the blacklisting of various versions by apple, mozilla, etc. Yet javascript is an even less controlled language without static typing. Today javascript allows for many of the same potential problems: local storage, accessing...

Web API returning null JSON objects C#


json,api,web,large-data-volumes
I have a web API returning 117k JSON objects. Edit: The API is calling MySQL to fetch 117k rows of data, putting them into a IEnumerable and sending them through JSON All I see is [{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},{},... the entire page... I wanted to ask how someone what is happening and how...

shared memory performance and protection from other processes


linux,security,shared-memory
I am trying to implement a JIT compiler (I have very geeky hobbies). I would like to have one main process that keeps some persistent variables, and a second process (that has been compiled just-in-time) that does some computation and can access and write on the persistent variables. The second...

File security System in java? [on hold]


java,file,security,encryption
i'm new to java world.I have a idea about file secure system.When i add a file to the application it will encrypt and store a folder in the installation path.If i need to see the file ,i need to login with my username and password and the file will automatically...

PHP: Secure a Rest Service with a Token mixed with Timestamp


php,rest,security,amazon-web-services,token
I have a rest service that my website calls it and I want to secure it from calling outside of my website as much as possible. I want to create a token mixed with timestamp, so the user can only call the service in 10 minutes (for example) with the...

Hide sensitive information from git changes


git,security
Is there a way to instruct git to hide my sensitive information. E.g. credentials.php (in local repository). Line1: $dbname = 'xyz'; Line2: $dbpassword = 'password'; credentials.php (in github repository and history). Line1: $dbname = 'xyz'; Line2: $dbpassword = 'xxxxxxxx'; So git automatically hides the information with 'x'. If not via...

Needs advice for buying Web Server [on hold]


web,server
Are there any guides for buying web servers and setting them up? I am going to just be making basic websites.

Is there any way to find out when an album got added to spotify with the web api?


javascript,api,web,timestamp,spotify
My usecase is to present the latest added album of an artist (regardless of releasedate). I use the https://api.spotify.com/v1/artists/[artistId]/albums to get the albums but I can't find any information about how the response is ordered. Is it random or actually sorted by the date the album got added to spotify?...

salt created by Java SecureRandom has different getBytes() value [duplicate]


java,security,salt
This question already has an answer here: how to convert byte array to string and vice versa 13 answers I use java SecureRandom to create salt to encrypt user. However, when I tried to match user with salt and password, they failed on different machine. The user is created...

Why the names of some css, js files have random numbers in them?


html,web,filenames
Some websites seem to have file names such as 'assets/app-02b4523sev8fsd56e.js'. I have noticed that these numbers do not change though, so I thought it has something to do with security but I am not sure. Is there any reason behind this?

Is a site with html and javascript secure


javascript,html,css3,security
IF: I write a site in HTML5, Javascript and CSS3. It has no forms or any input other than mouse clicks on links. No logins. No messaging. No comments. Will this site have vulnerabilities? For the 2nd time in a month, I've been notified by my host there are files...

How to secure configuration file containing database username and password


php,security
Issue In order to connect my PHP code with MySQL database I use PDO way, creating variable, assigning it with new PDO object where arguments contain settings such as server, database, login and password. So in resulting code it could look like this: $DAcess=new PDO("mysql:host=server;dbname=database","login","password"); I don't feel comfortable having...

How to restrict file copying shared using Content Provider in Android?


android,security
Is it possible to forbid making copies of files for third party applications (like adobe reader), that I am using to open pdf files stored in internal memory of my application?

Am I safe?? [trying to prevent sql injection] [duplicate]


php,mysql,security,laravel,pdo
This question already has an answer here: How can I prevent SQL-injection in PHP? 28 answers I was wondering if I'm safe from SQL injection if I have this in a script: < script> //some stuff var item = <?php echo json_oncode($PHPVAR) ?> item.replace(/"/,'&quot').replace(/'/,'&#39'); //do more script stuff with...

Scraping Javascript webpage (script error occurred)


javascript,html,vb.net,web,scrape
I am scraping a dynamic webpage which is a javascript based webpage. I have done codes which is used to load the webpage first in the program: Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load WebBrowser1.Navigate("http://www.changiairport.com/flight-info/flight-status/passenger-departures") End Sub However, each time I run the program, script...

When a security update is applied as a patch, does the product name change?


security,patch
When a security update is applied as a patch, does the product name change? I.e. Windows Server 2008 If this server undergoes a patch and/or security update, does it still appear as Windows Server 2008, or does it have to undergo a name change - I.e Windows Server 2008 version...

Android how to handle sensitive data in memory


android,security,passwords
Please I have the following scenario: the app uses a password to access to some remote webservice over HTTPS; to do so, the app asks the user the password, does NOT store it on the device (and use it in a safe manner to access the webservice). My concern is...

Placing secure data in Java web application


java,security,tomcat
The question is about security in tomcat, but first consider the following example: Suppose you have apache web server. Then, under www folder, create folder named dist, and under folder dist create folder named bdf23b1c-ddd3-4d5b-8fdf-948693674011. Under this folder create some file with secure information. For example, some private picture you...

X509Certificate: what is the difference between getIssuerDN() and getSubjectDN() methods


java,security,authentication,x509
I'm using X509Certificate class in java, and when I want to get the subject name I try: x509certificate.getIssuerDN().getName(); and x509certificate.getSubjectDN().getName(); both methods have the same result. So what is the difference between them ??...

Three js, block textures are blured


javascript,web,three.js
I'm trying to make a 3D block with the three.js library. I've done it. Now i wan't to put a texture on it. I did that and it's working : var textureHerbe = [ new THREE.MeshBasicMaterial({map:THREE.ImageUtils.loadTexture('img/texture/herbe/border.gif')}), new THREE.MeshBasicMaterial({map:THREE.ImageUtils.loadTexture('img/texture/herbe/border.gif')}), new THREE.MeshBasicMaterial({map:THREE.ImageUtils.loadTexture('img/texture/herbe/top.gif')}), new...

What damage can a website do?


security,web
Now and then I (accidentally) come across websites that my anti-virus warns me about. Out of curiosity, what kind of damage can a website do? I've been working in web development for around 4 years now and can't think of any 'genuine' damage worth warning the user about. Maybe I'm...

Configure Apache web server to perform SSL authentication


linux,apache,security,ssl,xampp
I'm trying to perform SSL authentication in apache web server, using XAMPP in Linux. After I configure httpd.conf like this, Apache server is failing to start. Can some one help me to fix this ? What is wrong with my configuration ? Alias /bitnami/ "/opt/lampp/apache2/htdocs/" Alias /bitnami "/opt/lampp/apache2/htdocs" <Directory "/opt/lampp/apache2/htdocs">...

How can I implement something like Play Store Description


javascript,jquery,html,web
Play Store (among so many other websites) shows the description of the item not completely, instead they show part of it, and it hides the rest. You can click on "Read More" in order to get to read the rest of the description, which (the button) will expand the description...

JQuery Animate() showing sticky behaviour with other elements in the same class


jquery,css,web
for some reason all the .inner-card elements show some kind of animation, it is as if they are all erratically calculating their positions, instead of just the one element with the mouse hovering over it being animated cleanly. any idea how can i fix this ? Link to Code HTML:...

Hashing passwords even when password is server-generated?


php,mysql,security,hash
Shall I hash users of my portal when password is generated by server and user cannot change it? Logically: User can't use this passwords anywhere else as it is server-generated. Even when somebody access database illegally, they can change password and see it, but it is useless for them as...

curved style for image


html,css3,web,styles
How to design the curved style for the image in 3d! The original image has to be show like below image. Because In 3d rotation I need to show it in dynamically like the below image. For editing in Photoshop for each image has take much time so it need...

Doc.Checkbox 'change' event does not occur in Websharper.UI.Next


web,f#,websharper
I have reactive Var variable varDone and Doc.Checkbox for its representation named cbDoc. After changing the value of varDone I need to call my function. For this, I wrote the code illustrated in the following pseudo-code: open WebSharper open WebSharper.UI.Next open WebSharper.UI.Next.Html open WebSharper.UI.Next.Notation // declaring reactive bool variable let...

Compare strings without being case-sensitive


javascript,web,compare,case-sensitive
I have problem with a variable I made (it's a string) in JavaScript. It will be prompt from the user and then with the switch I will check if it is true or not. Then when I input it upper case it will say it is identified as a another...

JQuery Add expiration to authentication token stored with HTML5 localStorage?


php,jquery,mysql,security,authentication
I am making a mobile game with JQuery Mobile, a multipage template (so all pages in 1 html file, which makes it usable with PhoneGap). Since it is HTML I am using JQuerys $.post function to send data to php scripts such as login.php, register.php, which add/update/delete data from the...

RSA encryption in Android and Java


java,android,security,encryption,rsa
I would like to encrypt a String with RSA encryption. My public/private keys were generated and stored in DB. In android, I use this code: public static String encryptRSAToString(String text, String strPublicKey) { byte[] cipherText = null; String strEncryInfoData=""; try { KeyFactory keyFac = KeyFactory.getInstance("RSA"); KeySpec keySpec = new X509EncodedKeySpec(Base64.decode(strPublicKey.trim().getBytes(),...

Unsure if website has been hacked with iframe


javascript,html,security,iframe
My website seems to be loading code which doesn't actually exist on my server. I know the problem is server-side because I've tested with other computers... The code seems to load a header and then put's my real website inside an iframe, strangely there are no ads or redirects which...

How I redirected according to PHP?


php,web
I am trying to redirect according to a state in my BD (which is 0 ), but when it changes to " 1" it continues routing the welcome page. The code I'm trying to use is below. $hash = $loggedInUser->user_id; //This is the variable that I use to declare my...

Change menu's height on scrolling


jquery,html,css,web,bootstrap
I want for my website, when I scroll down to minimize the menu's height. For example, my header is fixed top with height:150px . And when I scroll down, I want to resize with a height: 50px. I'm using bootstrap 3. So the class of my header is .navbar .navbar-fixed-top...

Is it possible for a user to modify site javascript in browser?


javascript,security
I don't know a lot about security, but I'm trying to figure out how to keep my site as safe as possible. I understand that as much stuff that I can handle on the backend the better, but for instances where I'd like to hold some variables on the client,...

Angular2 - Bootstrap v3 datetimepicker issue in FF and IE


web,bootstrap,bootstrap-datetimepicker,angular2
I am rather new to clientside web development and am currently learning how to work with Typescript, Angular2(0.27) and bootstrap. I know that Angular2 is still in heavy development, but I ran into an issue, of which I am not sure what (technology) exactly is causing it. The problem has...

Headers for security


security,http,header
I've been reading articles about the protection of your website and they say to place these 3 headers: X-Frame-Options: DENY X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff In my website to protect it from Website attacks, but I dont know how to declare it in my header, can someone help me with...