Wednesday, September 29, 2010

Re: Vulnerabilities in GWT applications

On Sep 29, 5:54 pm, Basdl <b...@cirosec.de> wrote:
> Hi,
>
> I want to find security holes in a) and b).
>
> I know that a) is always untrustable but there are some things to check out
> e.g. read / write of window.location or use setInnerHtml on untrusted data as
> Sripathi Krishnan said.

You'd probably have better luck searching all occurrences of
HasHTML.setHTML and/or Element.setInnerHTML and/or Window.Location and
manually checking, than trying to write a robot to find holes for you.

> With the knowledge of possible GWT-RPCs I can try to attack b).
> Thus, I can check if the input is validated correctly on the server.

If the goal is to check your code, as opposed to GWT
RemoteServiceServlet and associated RPC serialization, then how about
just calling your methods in pure Java, without resorting to "GWT-RPC
over HTTP"?

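The search suggested in the reply, as an added example that is not part of the original thread: a Python script that lists uses of setHTML, setInnerHTML and Window.Location in Java source for manual review, skipping comments and calls whose argument is a single string literal. The `Greeting` class, the file name and the function names are constructed for illustration.

```python
import pathlib
import re
import sys

# API names come from the thread; everything else here is an assumption.
HTML_SINK = re.compile(r"\b(setHTML|setInnerHTML)\s*\((.*?)\)?\s*;?\s*$")
LOCATION = re.compile(r"\bWindow\.Location\.(\w+)\s*\(")
STRING_LITERAL = re.compile(r'^\s*"(?:[^"\\]|\\.)*"\s*$')
# String literals are matched first so "http://..." is not taken for a comment.
TOKEN = re.compile(r'"(?:[^"\\\n]|\\.)*"|//[^\n]*|/\*.*?\*/', re.S)

def strip_comments(source):
    """Blank out comments, keeping newlines so line numbers stay correct."""
    def blank(m):
        text = m.group()
        return text if text.startswith('"') else re.sub(r"[^\n]", " ", text)
    return TOKEN.sub(blank, source)

def find_review_points(path, source):
    """Return (path, line, api, detail) tuples that need a manual look."""
    findings = []
    for lineno, line in enumerate(strip_comments(source).splitlines(), 1):
        for m in HTML_SINK.finditer(line):
            # A single constant string cannot carry untrusted data; skip it.
            if not STRING_LITERAL.match(m.group(2)):
                findings.append((path, lineno, m.group(1), m.group(2).strip()))
        for m in LOCATION.finditer(line):
            findings.append((path, lineno, "Window.Location." + m.group(1), line.strip()))
    return findings

SAMPLE = '''\
class Greeting {  // constructed sample, not from the thread
  void render(HTML banner, Element box, String name) {
    banner.setHTML("<b>Welcome</b>");
    // box.setInnerHTML(name);  commented out, ignored
    banner.setHTML("Hello " + name);
    box.setInnerHTML(Window.Location.getParameter("msg"));
    String help = "http://example.invalid/help";
  }
}
'''

if __name__ == "__main__":
    # With a directory argument scan its *.java files, else the sample.
    files = ([(str(p), p.read_text(errors="replace")) for p in pathlib.Path(sys.argv[1]).rglob("*.java")]
             if len(sys.argv) > 1 else [("Greeting.java", SAMPLE)])
    for path, text in files:
        for f in find_review_points(path, text):
            print("%s:%d: %s  %s" % f)
```

Each hit is only a pointer for the manual check; a call split across several lines is reported with a partial or empty detail field.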