Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

XSS Forgery attack against an Intranet applicaiton.

Posted on 2016-10-03
4
Medium Priority
?
159 Views
Last Modified: 2016-10-05
I have an intranet ( NOT Internet ) application which is deployed on a clients server. The client does not have access to the source code for the website, meaning the C# and Asp.net code. At most the site will not have more than 3 users at any one time. Pretty low key site.

So my question is if such an intranet site is exempt from any type of XSS Forgery attack?
0
Comment
Question by:brgdotnet
  • 2
4 Comments
 
LVL 65

Assisted Solution

by:btan
btan earned 1000 total points
ID: 41827463
Cross-Site Request Forgery (CSRF) is an attack where a malicious site sends a request to a vulnerable site where the user is currently logged in. So if your website does not have such login features then I see XFS unlikely to be applicable.

Also note
typically, CSRF attacks are possible against web sites that use cookies for authentication, because browsers send all relevant cookies to the destination web site. However, CSRF attacks are not limited to exploiting cookies. For example, Basic and Digest authentication are also vulnerable. After a user logs in with Basic or Digest authentication. the browser automatically sends the credentials until the session ends.
I do suggest it be scan to surface the vulnerability still - Check out the OWASP Zed Attack Proxy (ZAP).
0
 
LVL 25

Assisted Solution

by:madunix
madunix earned 1000 total points
ID: 41827505
Cross-Site Request Forgery (CSRF):  allows a third party to redirect static content within
the security context of a trusted site. XSS- User trust the Websites. (Like how we trust Facebook). CSRF- Websites put his trust in the user as he is Authenticated.

One control to protect the CSRF attack is by inserting random data, supplied
by the relying party, into any linked uniform resource locator with side effects and into a hidden
field within any form on the relying partys website. Generating a per-session shared secret is
effective against a session hijacking problem. Sanitizing inputs to make them nonexecutable is
effective against cross site scripting XSS attacks, not CSRF attacks.
 source: cissp practice
0
 
LVL 65

Accepted Solution

by:
btan earned 1000 total points
ID: 41827922
Just thinking further - as long as it is website, the security scan and check should still take place and review the list of vulnerability. If XFS is surfaced, there is still risk involved as abuse from the internal staff or contractor may still happened.

For e.g. a malicious staff sending out phished links or broadcast to target users to click and redirect to a hosted site within inside internal or external in internet to siphon all the existing already login website credential. The unintended intranet bridged to internet is via the user machine that can surf internet and also connected within intranet - unless you can be sure the internet and intranet is totally separated and machine of these will not be common user machine issued.

The insider threat cannot be neglected. The XFS is not just a compliance check but any vulnerability of such does warrant a more preemptive measures and good practice to ensure the gaps are closed and avoid being further exploited by attacker as "jumping board" for data leakage or sabotage on internal critical core services.
0
 
LVL 2

Author Comment

by:brgdotnet
ID: 41831024
Thank you
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question