Exploiting AJAX Based Web Applications : Shots

View Specific


zeroknock [at] secniche.org


For Education Purposes Only!


Ajax has turned out to be the finest web application technology, but what makes it so? The shots are listed below. They can be used in any realm, depending on the functionality of the web application. The shots are enumerated as follows:

[0x1] Execution Speed:
The real advantage of JavaScript data in the Ajax world is speed. It can take up to half a second to parse through XML on a reasonably fast machine, while the equivalent amount of data encoded as JavaScript is evaluated into arrays and associative arrays in just a few milliseconds.

[0x2] Generating Syndicate Feeds In One Shot:
The great part about using RSS for your Ajax data is that you can do things with one action. Not only do you get the data to your JavaScript code, but you also create a syndication feed that people can subscribe to using their RSS readers.

[0x3] Restricting Domains:
The big disadvantage is the security restriction on domains. If your page comes from www.meta.com, your script cannot then request data from www.google.com. You can only make requests to www.meta.com, which means that creating an RSS reader that resides just on the client is impossible.

[0x4] Incore Parsing:
It is easier to parse the JavaScript code returned from js.php than it is to parse XML. You simply run the eval function on the code and take the returned value, which is the array of hash tables, then walk through them using a standard JavaScript for loop.
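The eval-based parsing described above executes whatever the response body contains, so the example below sets it beside a data-only parse with a shape check. It is an added example, not code from the original page; the sample bodies and the `title`/`link` fields are constructed assumptions about what js.php returns.

```javascript
// Constructed sample bodies standing in for what js.php returns (not real traffic).
const GOOD_BODY = '[{"title":"First post","link":"/p/1"},{"title":"Second post","link":"/p/2"}]';
// Same row shape, but the body is an expression with a side effect, not pure data.
const TAMPERED_BODY = '(function(){ globalThis.sideEffectRan = true; return [{"title":"x","link":"/"}]; })()';

// The approach described in [0x4]: evaluate the response text as JavaScript.
// Anything able to alter the response gets its code executed in the page.
function parseWithEval(body) {
  return eval('(' + body + ')');
}

// Hardened form: JSON.parse accepts data only, then the shape is checked
// before the caller walks the array.
function parseAsData(body) {
  let rows;
  try {
    rows = JSON.parse(body);
  } catch (e) {
    return { ok: false, error: 'not JSON: ' + e.name, rows: [] };
  }
  if (!Array.isArray(rows)) {
    return { ok: false, error: 'expected an array', rows: [] };
  }
  for (const row of rows) {
    const valid = row !== null && typeof row === 'object' && !Array.isArray(row) &&
      typeof row.title === 'string' && typeof row.link === 'string';
    if (!valid) return { ok: false, error: 'unexpected row shape', rows: [] };
  }
  return { ok: true, error: null, rows };
}

// Walk the rows with a standard for loop, as the text describes.
function titles(rows) {
  const out = [];
  for (let i = 0; i < rows.length; i++) out.push(rows[i].title);
  return out;
}

function demo() {
  globalThis.sideEffectRan = false;
  const evalRows = parseWithEval(TAMPERED_BODY);   // code in the body runs
  const ranUnderEval = globalThis.sideEffectRan;
  globalThis.sideEffectRan = false;
  const safe = parseAsData(TAMPERED_BODY);         // rejected, nothing runs
  return { evalRowCount: evalRows.length, ranUnderEval, safeOk: safe.ok,
           ranUnderParse: globalThis.sideEffectRan,
           goodTitles: titles(parseAsData(GOOD_BODY).rows) };
}
```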

[0x5] Javascript Module Tracing:
It's possible to trace JavaScript functions.

--> javascript:eval
--> javascript:alert
--> javascript iframe | frame
--> javascript:escape
--> javascript:unescape
--> <script></script>

[0x6] Attack Simulation:
The advantage of a frame is that you can use it in the ever-diminishing number of browsers that don't support the XMLHttp object. You can also use a frame to add items to the user's page history so that the back button actually works on your Ajax page. Unfortunately, the disadvantages are numerous. Using frames for transport works easily only for transmitting HTML, although with some hacking you can get JavaScript code and XML across the wire, as well.

With the iframe approach, you can get data to the server in either of two ways. The first way is through the URL arguments associated with the src attribute on the <iframe> tag. The second way is to create a <form> tag with associated <input> elements inside the iframe document, then use the submit() method on the <form> tag to POST or GET data to the server.

[0x7] Accessing Web Server Realm:
The XMLHttpRequest object provides two properties that give access to the server response. The first property, responseText, simply provides the response as a string. The second property, responseXML, provides the response as an XML object. Retrieving the response as simple text is fine for simple use cases, such as when the response is displayed in an alert box or the response is a simple one-word phrase indicating success or failure.

[0x8] Sandbox Security:
A discussion of browser-based technologies wouldn’t be complete without mentioning security. The XMLHttpRequest object is subject to the browser’s security sandbox. Any resources requested by the XMLHttpRequest object must reside within the same domain from which the calling script originated. This security restriction prevents the XMLHttpRequest object from requesting resources outside the domain from which the script was originally served.

[0x9] Database Manipulations:
Header inclusion is critical. As in PHP, the header plays a crucial role in Ajax: if it is not included in the database startup code of the Ajax application, the XML document will not be returned at the end of an XMLHttp request. This is because the Ajax XML specification treats every MIME type as text unless XML is prescribed in the content type.

<?php header('Content-Type: text/xml'); ?>