Solved

XSS Forgery attack against an Intranet applicaiton.

Posted on 2016-10-03
4
115 Views
Last Modified: 2016-10-05
I have an intranet ( NOT Internet ) application which is deployed on a clients server. The client does not have access to the source code for the website, meaning the C# and Asp.net code. At most the site will not have more than 3 users at any one time. Pretty low key site.

So my question is if such an intranet site is exempt from any type of XSS Forgery attack?
0
Comment
Question by:brgdotnet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 64

Assisted Solution

by:btan
btan earned 250 total points
ID: 41827463
Cross-Site Request Forgery (CSRF) is an attack where a malicious site sends a request to a vulnerable site where the user is currently logged in. So if your website does not have such login features then I see XFS unlikely to be applicable.

Also note
typically, CSRF attacks are possible against web sites that use cookies for authentication, because browsers send all relevant cookies to the destination web site. However, CSRF attacks are not limited to exploiting cookies. For example, Basic and Digest authentication are also vulnerable. After a user logs in with Basic or Digest authentication. the browser automatically sends the credentials until the session ends.
I do suggest it be scan to surface the vulnerability still - Check out the OWASP Zed Attack Proxy (ZAP).
0
 
LVL 25

Assisted Solution

by:madunix
madunix earned 250 total points
ID: 41827505
Cross-Site Request Forgery (CSRF):  allows a third party to redirect static content within
the security context of a trusted site. XSS- User trust the Websites. (Like how we trust Facebook). CSRF- Websites put his trust in the user as he is Authenticated.

One control to protect the CSRF attack is by inserting random data, supplied
by the relying party, into any linked uniform resource locator with side effects and into a hidden
field within any form on the relying partys website. Generating a per-session shared secret is
effective against a session hijacking problem. Sanitizing inputs to make them nonexecutable is
effective against cross site scripting XSS attacks, not CSRF attacks.
 source: cissp practice
0
 
LVL 64

Accepted Solution

by:
btan earned 250 total points
ID: 41827922
Just thinking further - as long as it is website, the security scan and check should still take place and review the list of vulnerability. If XFS is surfaced, there is still risk involved as abuse from the internal staff or contractor may still happened.

For e.g. a malicious staff sending out phished links or broadcast to target users to click and redirect to a hosted site within inside internal or external in internet to siphon all the existing already login website credential. The unintended intranet bridged to internet is via the user machine that can surf internet and also connected within intranet - unless you can be sure the internet and intranet is totally separated and machine of these will not be common user machine issued.

The insider threat cannot be neglected. The XFS is not just a compliance check but any vulnerability of such does warrant a more preemptive measures and good practice to ensure the gaps are closed and avoid being further exploited by attacker as "jumping board" for data leakage or sabotage on internal critical core services.
0
 
LVL 2

Author Comment

by:brgdotnet
ID: 41831024
Thank you
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses
Course of the Month7 days, 4 hours left to enroll

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question