Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

XSS Forgery attack against an Intranet applicaiton.

Posted on 2016-10-03
4
73 Views
Last Modified: 2016-10-05
I have an intranet ( NOT Internet ) application which is deployed on a clients server. The client does not have access to the source code for the website, meaning the C# and Asp.net code. At most the site will not have more than 3 users at any one time. Pretty low key site.

So my question is if such an intranet site is exempt from any type of XSS Forgery attack?
0
Comment
Question by:brgdotnet
  • 2
4 Comments
 
LVL 63

Assisted Solution

by:btan
btan earned 250 total points
ID: 41827463
Cross-Site Request Forgery (CSRF) is an attack where a malicious site sends a request to a vulnerable site where the user is currently logged in. So if your website does not have such login features then I see XFS unlikely to be applicable.

Also note
typically, CSRF attacks are possible against web sites that use cookies for authentication, because browsers send all relevant cookies to the destination web site. However, CSRF attacks are not limited to exploiting cookies. For example, Basic and Digest authentication are also vulnerable. After a user logs in with Basic or Digest authentication. the browser automatically sends the credentials until the session ends.
I do suggest it be scan to surface the vulnerability still - Check out the OWASP Zed Attack Proxy (ZAP).
0
 
LVL 25

Assisted Solution

by:madunix
madunix earned 250 total points
ID: 41827505
Cross-Site Request Forgery (CSRF):  allows a third party to redirect static content within
the security context of a trusted site. XSS- User trust the Websites. (Like how we trust Facebook). CSRF- Websites put his trust in the user as he is Authenticated.

One control to protect the CSRF attack is by inserting random data, supplied
by the relying party, into any linked uniform resource locator with side effects and into a hidden
field within any form on the relying partys website. Generating a per-session shared secret is
effective against a session hijacking problem. Sanitizing inputs to make them nonexecutable is
effective against cross site scripting XSS attacks, not CSRF attacks.
 source: cissp practice
0
 
LVL 63

Accepted Solution

by:
btan earned 250 total points
ID: 41827922
Just thinking further - as long as it is website, the security scan and check should still take place and review the list of vulnerability. If XFS is surfaced, there is still risk involved as abuse from the internal staff or contractor may still happened.

For e.g. a malicious staff sending out phished links or broadcast to target users to click and redirect to a hosted site within inside internal or external in internet to siphon all the existing already login website credential. The unintended intranet bridged to internet is via the user machine that can surf internet and also connected within intranet - unless you can be sure the internet and intranet is totally separated and machine of these will not be common user machine issued.

The insider threat cannot be neglected. The XFS is not just a compliance check but any vulnerability of such does warrant a more preemptive measures and good practice to ensure the gaps are closed and avoid being further exploited by attacker as "jumping board" for data leakage or sabotage on internal critical core services.
0
 
LVL 2

Author Comment

by:brgdotnet
ID: 41831024
Thank you
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
Each year, investment in cloud platforms grows more than 20% (https://www.immun.io/hubfs/Immunio_2016/Content/Marketing/Cloud-Security-Report-2016.pdf?submissionGuid=a8d80a00-6fee-4b85-81db-a4e28f681762) as an increasing number of companies begin to…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question