x
Home
Search
Topics
Almanac
Science
Nature
People
History
Society
Signup
Login
HOME
TOPICS
ALMANAC
SCIENCE
NATURE
PEOPLE
HISTORY
SOCIETY
PHILOSOPHY
Cross-site cooking
Topic Home
Discussion
0
Encyclopedia
Cross-site cooking is a type of browser exploit
Browser exploit
A browser exploit is a form of malicious code that takes advantage of a flaw or vulnerability in an operating system or piece of software with the intent to alter a user's browser settings without their knowledge...

 which allows a site attacker to set a cookie for a browser into the cookie domain of another site server.

Cross-site cooking can be used to perform session fixation
Session fixation
In computer network security, session fixation attacks attempt to exploit the vulnerability of a system which allows one person to fixate another person's session identifier...

 attacks, as a malicious site can fixate the session identifier cookie
HTTP cookie
A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used for an origin website to send state information to a user's browser and for the browser to return the state information to the origin site...

 of another site.

Other attack scenarios may also possible, for example: attacker may know of a security vulnerability in server, which is exploitable using a cookie. But if this security vulnerability requires e.g. an administrator password which attacker does not know, cross-site cooking could be used to fool innocent users to unintentionally perform the attack.

Cross site. Cross-site cooking is similar in concept to cross-site scripting
Cross-site scripting
Cross-site scripting is a type of computer security vulnerability typically found in Web applications that enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same...

, cross-site request forgery
Cross-site request forgery
Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts...

, cross-site tracing
Cross-site tracing
Cross-site tracing is a network security vulnerability exploiting the HTTP TRACE method.XST scripts exploit ActiveX, Flash, or any other controls that allow executing an HTTP TRACE request. The HTTP TRACE response includes all the HTTP headers including authentication data and HTTP cookie...

, cross-zone scripting
Cross-zone scripting
Cross-zone scripting is a browser exploit taking advantage of a vulnerability within a zone-based security solution. The attack allows content in unprivileged zones to be executed with the permissions of a privileged zone - i.e. a privilege escalation within the client executing the script...

 etc., in that it involves the ability to move data or code between different web sites (or in some cases, between e-mail / instant messages and sites). These problems are linked to the fact that a web browser
Web browser
A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier and may be a web page, image, video, or other piece of content...

 is a shared platform for different information / applications / sites. Only logical security boundaries maintained by browsers ensures that one site cannot corrupt or steal data from another. However a browser exploit
Browser exploit
A browser exploit is a form of malicious code that takes advantage of a flaw or vulnerability in an operating system or piece of software with the intent to alter a user's browser settings without their knowledge...

 such as cross-site cooking can be used to move things across the logical security boundaries.

Origins

The name cross-site cooking and concept was presented by Michal Zalewski
Michal Zalewski
Michał Zalewski , also known by the user name lcamtuf, is a "white hat" hacker, computer security expert from Poland and a Google Inc. employee....

 in 2006. The name is a mix of cookie
HTTP cookie
A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used for an origin website to send state information to a user's browser and for the browser to return the state information to the origin site...

 and cross-site
Cross-site
Cross-site can refer to the following network security exploits:*Cross-site cooking*Cross-site request forgery*Cross-site scripting*Cross-site tracing...

, attempting to describe the nature of cookies being set across sites.

In Michal Zalewski's article of 2006, Benjamin Franz was credited for his discovery, who in May 1998 reported a cookie domain related vulnerability to vendors. Benjamin Franz published the vulnerability and discussed it mainly as a way to circumvent "privacy protection" mechanisms in popular browsers. Michal Zalewski concluded that the bug, 8 years later, was still present (unresolved) in some browsers and could be exploited for cross-site cooking. Various remarks such as "vendors [...] certainly are not in a hurry to fix this" were made by Zalewski and others.

External links

  • Cross-Site Cooking article by Michal Zalewski. Details concept, 3 bugs which enables Cross Site Cooking. One of these bugs is the age old bug originally found by Benjamin Franz.
The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
Silverdale Interactive © 2024. All Rights Reserved.
 
x
OK