Solved

XSS Forgery attack against an Intranet applicaiton.

Posted on 2016-10-03
4
81 Views
Last Modified: 2016-10-05
I have an intranet ( NOT Internet ) application which is deployed on a clients server. The client does not have access to the source code for the website, meaning the C# and Asp.net code. At most the site will not have more than 3 users at any one time. Pretty low key site.

So my question is if such an intranet site is exempt from any type of XSS Forgery attack?
0
Comment
Question by:brgdotnet
  • 2
4 Comments
 
LVL 63

Assisted Solution

by:btan
btan earned 250 total points
ID: 41827463
Cross-Site Request Forgery (CSRF) is an attack where a malicious site sends a request to a vulnerable site where the user is currently logged in. So if your website does not have such login features then I see XFS unlikely to be applicable.

Also note
typically, CSRF attacks are possible against web sites that use cookies for authentication, because browsers send all relevant cookies to the destination web site. However, CSRF attacks are not limited to exploiting cookies. For example, Basic and Digest authentication are also vulnerable. After a user logs in with Basic or Digest authentication. the browser automatically sends the credentials until the session ends.
I do suggest it be scan to surface the vulnerability still - Check out the OWASP Zed Attack Proxy (ZAP).
0
 
LVL 25

Assisted Solution

by:madunix
madunix earned 250 total points
ID: 41827505
Cross-Site Request Forgery (CSRF):  allows a third party to redirect static content within
the security context of a trusted site. XSS- User trust the Websites. (Like how we trust Facebook). CSRF- Websites put his trust in the user as he is Authenticated.

One control to protect the CSRF attack is by inserting random data, supplied
by the relying party, into any linked uniform resource locator with side effects and into a hidden
field within any form on the relying partys website. Generating a per-session shared secret is
effective against a session hijacking problem. Sanitizing inputs to make them nonexecutable is
effective against cross site scripting XSS attacks, not CSRF attacks.
 source: cissp practice
0
 
LVL 63

Accepted Solution

by:
btan earned 250 total points
ID: 41827922
Just thinking further - as long as it is website, the security scan and check should still take place and review the list of vulnerability. If XFS is surfaced, there is still risk involved as abuse from the internal staff or contractor may still happened.

For e.g. a malicious staff sending out phished links or broadcast to target users to click and redirect to a hosted site within inside internal or external in internet to siphon all the existing already login website credential. The unintended intranet bridged to internet is via the user machine that can surf internet and also connected within intranet - unless you can be sure the internet and intranet is totally separated and machine of these will not be common user machine issued.

The insider threat cannot be neglected. The XFS is not just a compliance check but any vulnerability of such does warrant a more preemptive measures and good practice to ensure the gaps are closed and avoid being further exploited by attacker as "jumping board" for data leakage or sabotage on internal critical core services.
0
 
LVL 2

Author Comment

by:brgdotnet
ID: 41831024
Thank you
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question