Why would a webdev store info on server side instead of client side?
- to hide app logic
2. to avoid back and forth data transmission of typical cookies
Sessions
lets website store variables specific for a given visit on the server-side
session ID / token
assigned to client and identifies user session
- server retrieves the state of the client and all its associated variables
- stored by inside text files storage
How does a web application install session IDs on a web browser
by using session cookies
session cookies
contain single parameter value pair referring to the session
SOP: Same Origin Policy
- prevents JavaScript code from getting or setting properties on a resource coming from a different origin
- critical point of web app sec
How does a browser determine if JavaScript can access a resource?
hostname, port, and protocol must match
What does SOP apply to?
ONLY the actual code of a script
In terms of SOP, what would happen if a script on domain A could read content on domain B?
it would be possible to steal clients’ information and mount a number of very dangerous attacks
intercepting proxy
tool that lets you analyze and modify any request or response exchanged between an HTTP client and server
proxy server
different from intercepting
- fro bandwidth optimization, content filtering, etc
What does Burp Suite let you do?
- intercept requests/responses between browser and web server
- build requests manually
- crawl a website by automatically visiting every page in a website
- fuzz web apps by sending them patterns f valid and invalid inputs to test their behavior
How to check what HTTP traffic Burp is collecting?
- Proxy > History tab
- Target > Site Map tab
What is Burp Repeater
lets you manually build raw HTTP requests
- can also use netcat or telnet
- but burp also gives you: syntax, raw/rendered responses, integration with other burp tools
