# Frontend security training
[TOC]
---
**Kamil Jarosiński**
- I work at [Securitum](https://securitum.pl)
- I have over six years of pentesting experience at Securitum
- I mainly do pentests of web applications, APIs, cloud, IoT and mobile apps, and I deliver [training courses](https://securitum.pl/szkolenia/)
- Speaker at conferences: Mega SHP (2019, 2021, 2025), cyberstarter.
- Co-author of the book "Wprowadzenie do bezpieczeństwa IT. Tom2" - https://wdbit2.sekurak.pl/
---
**Organizational matters**
- If nobody minds, let's be on first-name terms
- Time frame: 09:00-16:00
- Roughly every 60 minutes we will take a 10-minute break
- Around 12:30: a 45/30 min. lunch break
- Ask questions as they come up.
---
**Agenda**
1. Effects of XSS
2. XSS sources and sinks
3. XSS filters and sanitization
4. JS frameworks/libraries and security
---
5. Cross-Site Request Forgery
6. Clickjacking
7. Dangling Markup
8. Attacks utilizing CSS Injection
9. postMessage security issues
10. CORS security issues
11. Service Workers security issues
12. Web Sockets security issues
13. Security mechanisms in modern browsers
14. Content-Security-Policy
---
**You**
- What's your name?
- What do you do?
- What topic in the agenda seems most interesting for you? (everything seems interesting is a valid answer :smile:)
---
**Web Security Academy**
We will be using [Web Security Academy](https://portswigger.net/web-security/dashboard) for some challenges. It is available for free, but you need to create an account first.
---
# XSS introduction (and effects of XSS)
**XSS** (Cross-Site Scripting) is a vulnerability that enables attackers to inject client-side scripts into web pages viewed by other users (via [Wikipedia](https://en.wikipedia.org/wiki/Cross-site_scripting)).
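The definition above, shown as code. This is an added example and not part of the original slides or the demo labs: a page greets the visitor by name, once by concatenating the name straight into HTML (the vulnerable form) and once with the value escaped for the HTML text context it lands in (the hardened form). The `escapeHtml`, `renderUnsafe`, `renderSafe` and `tagNames` functions and the sample input are constructed for this illustration; the check at the end only shows that the unsafe rendering contains an element the page author never wrote.

```javascript
// Added example, not from the slides: how user input becomes injected markup,
// and how context-aware escaping prevents it. Escaping must match the output
// context (HTML text, attribute, URL, JavaScript); this covers HTML text and
// quoted attribute values only.

// Characters that carry meaning in HTML text and attribute contexts.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Escape a value so the browser treats it as literal text, not markup.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable rendering: attacker-controlled input becomes part of the markup.
function renderUnsafe(name) {
  return `<p>Hello, ${name}!</p>`;
}

// Hardened rendering: the same template with the value escaped.
function renderSafe(name) {
  return `<p>Hello, ${escapeHtml(name)}!</p>`;
}

// Lists the distinct element names a browser would parse out of an HTML string
// (a simplified tokenizer, sufficient for this demonstration).
function tagNames(html) {
  const names = [];
  const re = /<\s*\/?\s*([a-zA-Z][\w-]*)/g;
  let m;
  while ((m = re.exec(html)) !== null) {
    names.push(m[1].toLowerCase());
  }
  return [...new Set(names)];
}

// Constructed sample input: a "name" that is really markup with an event
// handler, the kind of value a profile or search field might receive.
const SAMPLE_INPUT = '<img src=x onerror="alert(document.domain)">';

// Renders the sample both ways and reports which elements each output contains.
function demo() {
  const unsafe = renderUnsafe(SAMPLE_INPUT);
  const safe = renderSafe(SAMPLE_INPUT);
  return {
    unsafe,
    safe,
    unsafeTags: tagNames(unsafe), // ['p', 'img']: an element was injected
    safeTags: tagNames(safe),     // ['p']: only the author's element remains
  };
}

console.log(demo());
```

The same idea carries over to the browser side: `element.textContent = name` is the client-side equivalent of `renderSafe`, while `element.innerHTML = name` is the equivalent of `renderUnsafe`.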
---
<iframe height="536" style="width: 100%;" scrolling="no" title="XSS intro" src="https://codepen.io/securitymb/embed/ZEeZZmd?height=536&theme-id=light&default-tab=result" frameborder="no" loading="lazy" allowtransparency="true" allowfullscreen="true">
See the Pen <a href='https://codepen.io/securitymb/pen/ZEeZZmd'>XSS intro</a> by securityMB
(<a href='https://codepen.io/securitymb'>@securitymb</a>) on <a href='https://codepen.io'>CodePen</a>.
</iframe>
---
XSS is usually demonstrated with payloads such as `alert(1)`, `alert(document.domain)` or `alert(document.cookie)`.
But what are the real-world consequences of the vulnerability?
---
Demo time.
http://demo-xss.lab-08.securitum.net/
http://lab-08.securitum.net/files/payloads/
http://demo-helpdesk.lab-08.securitum.net/
http://excessy-helpdesk.lab-08.securitum.net/
---
## XSS effects
```graphviz
graph {
"XSS effects" -- "Access data";
"XSS effects" -- "Performing any action";
"XSS effects" -- "Session takeover";
"XSS effects" -- "Attacks on services in LAN";
"XSS effects" -- "Other attacks";
}
```