Web Attack Vector #1 Response Challenges

5 minutes
Share the link to this page
Copied
  Completed
You need to have access to the item to view this lesson.
One-time Fee
$69.99
List Price:  $99.99
You save:  $30
€67.23
List Price:  €96.05
You save:  €28.81
£54.79
List Price:  £78.28
You save:  £23.48
CA$100.29
List Price:  CA$143.28
You save:  CA$42.98
A$112.09
List Price:  A$160.13
You save:  A$48.04
S$94.52
List Price:  S$135.03
You save:  S$40.51
HK$543.88
List Price:  HK$777
You save:  HK$233.12
CHF 61.94
List Price:  CHF 88.49
You save:  CHF 26.55
NOK kr788.73
List Price:  NOK kr1,126.80
You save:  NOK kr338.07
DKK kr502.03
List Price:  DKK kr717.22
You save:  DKK kr215.19
NZ$123.81
List Price:  NZ$176.87
You save:  NZ$53.06
د.إ257.07
List Price:  د.إ367.26
You save:  د.إ110.18
৳8,350.53
List Price:  ৳11,929.84
You save:  ৳3,579.31
₹5,977
List Price:  ₹8,538.94
You save:  ₹2,561.93
RM314.04
List Price:  RM448.65
You save:  RM134.61
₦108,176.53
List Price:  ₦154,544.52
You save:  ₦46,367.99
₨19,454.09
List Price:  ₨27,792.76
You save:  ₨8,338.66
฿2,391.55
List Price:  ฿3,416.65
You save:  ฿1,025.10
₺2,463.31
List Price:  ₺3,519.17
You save:  ₺1,055.85
B$446.27
List Price:  B$637.56
You save:  B$191.28
R1,312.34
List Price:  R1,874.85
You save:  R562.51
Лв131.59
List Price:  Лв188
You save:  Лв56.40
₩101,993.60
List Price:  ₩145,711.39
You save:  ₩43,717.78
₪255.42
List Price:  ₪364.90
You save:  ₪109.48
₱4,105.61
List Price:  ₱5,865.41
You save:  ₱1,759.80
¥11,000.67
List Price:  ¥15,715.92
You save:  ¥4,715.24
MX$1,411.29
List Price:  MX$2,016.21
You save:  MX$604.92
QR254.14
List Price:  QR363.08
You save:  QR108.93
P970.50
List Price:  P1,386.50
You save:  P415.99
KSh9,031.50
List Price:  KSh12,902.70
You save:  KSh3,871.20
E£3,557.88
List Price:  E£5,082.90
You save:  E£1,525.02
ብር8,897.26
List Price:  ብር12,710.92
You save:  ብር3,813.65
Kz63,830.88
List Price:  Kz91,190.88
You save:  Kz27,360
CLP$69,240.40
List Price:  CLP$98,919.10
You save:  CLP$29,678.70
CN¥510.85
List Price:  CN¥729.82
You save:  CN¥218.97
RD$4,256.60
List Price:  RD$6,081.12
You save:  RD$1,824.52
DA9,455.74
List Price:  DA13,508.78
You save:  DA4,053.03
FJ$162.28
List Price:  FJ$231.84
You save:  FJ$69.55
Q538.26
List Price:  Q768.97
You save:  Q230.71
GY$14,619.81
List Price:  GY$20,886.35
You save:  GY$6,266.53
ISK kr9,767.10
List Price:  ISK kr13,953.60
You save:  ISK kr4,186.50
DH704.68
List Price:  DH1,006.73
You save:  DH302.05
L1,289.28
List Price:  L1,841.91
You save:  L552.62
ден4,135.94
List Price:  ден5,908.74
You save:  ден1,772.79
MOP$559.01
List Price:  MOP$798.63
You save:  MOP$239.61
N$1,299.34
List Price:  N$1,856.28
You save:  N$556.93
C$2,571.30
List Price:  C$3,673.45
You save:  C$1,102.14
रु9,517.06
List Price:  रु13,596.38
You save:  रु4,079.32
S/260.20
List Price:  S/371.74
You save:  S/111.53
K283.61
List Price:  K405.18
You save:  K121.56
SAR262.82
List Price:  SAR375.47
You save:  SAR112.65
ZK1,933.89
List Price:  ZK2,762.82
You save:  ZK828.92
L334.85
List Price:  L478.38
You save:  L143.52
Kč1,692.49
List Price:  Kč2,417.95
You save:  Kč725.45
Ft27,633.93
List Price:  Ft39,478.73
You save:  Ft11,844.80
SEK kr761.65
List Price:  SEK kr1,088.11
You save:  SEK kr326.46
ARS$71,885.87
List Price:  ARS$102,698.50
You save:  ARS$30,812.63
Bs482.86
List Price:  Bs689.84
You save:  Bs206.97
COP$308,852.42
List Price:  COP$441,236.66
You save:  COP$132,384.23
₡35,480.70
List Price:  ₡50,688.88
You save:  ₡15,208.18
L1,775.44
List Price:  L2,536.46
You save:  L761.01
₲544,980.94
List Price:  ₲778,577.57
You save:  ₲233,596.63
$U3,110.44
List Price:  $U4,443.67
You save:  $U1,333.23
zł286.56
List Price:  zł409.39
You save:  zł122.83
Already have an account? Log In

Transcript

Now let's talk about these HTTP flood response challenges that I briefly mentioned previously. Basically, we will be covering two types of HTTP response challenges in this lecture. The first one is going to be 302 redirect challenge. And the second one is JavaScript cookie challenge. Now for the sake of clarity, I would like to mention that 302 redirect also involves a sort of cookie. The only thing is it is not embedded in JavaScript.

In other words, this redirect this whole process that I'm going to describe you in most setting cookies, the only thing is, they are embedded as HTTP cookie headers. Whereas in JavaScript cookies case, the cookie is embedded as a JavaScript object in the page that is retrieved by the client. Let me start off with the first one and demonstrate to how it looks like Basically, this is like the whole process. And we have the proxy again here. This first part of the challenge series is actually a TCP challenge. And I can say, is not mandatory from application layer perspective.

So even though I decided to depict it here, you can just omit this part and start with the layer seven challenges. And how this challenge looks like is first we verify TCP cookie, which is this step. Then after this TCP challenge, when we received the first GET or POST request, we reply with L seven, which is a layer seven cookie here. Here the server presents the OSI layer. So you can consider it as an application layer cookie. In our case, it does apply to the 302 redirect.

And after answering with that, we just terminate the connection After that, we can again apply a TCP challenge, the same challenge that we discussed earlier in network layer section. However, at this part, we actually After establishing the connection, here, we actually expect the client to send the GET or POST request with the previously set and seven cookie, the application layer cookie that was set up in the previous stage. And if we received that, we again send the 302 redirect request. And we here also suddenly terminate the connection to only difference of the stage we are declined to http authentication table. So if the same client passes both stages, in other words, both the redirects, then we just let the traffic flow through directly between client and server, and we don't interfere with the rest of the traffic anymore. As I already briefly mentioned, you don't even have to use TCP challenge parts.

You can just Start of both stages directly with the application layer challenges. In other words, the application layer redirects. Basically we are here checking whether the clients remembers the cookies that we set for it after closing the connection, because if it is an attacker, it's quite unlikely that attacker will keep the trace of the cookies that we set on application layer. And he will just continue to send the same packets without the cookies that we set. Therefore, after verifying the cookie and redirects twice, we ensure that this is a real client. And we can just let the traffic flow.

Know when we investigate the packets. This is like an example package of we get requests in this example. This is how it looks like. As you can see, we encounter 302 redirect and cookies set as an additional HTTP header when it comes to JavaScript cookies We just set the cookie under descript bracelets, as you can see here. And we just direct the page to itself. It relies on the fact that the attacker is not using an emulation of JavaScript.

And therefore, if it is a real user, it's quite likely that he will be able to answer our JavaScript cookies, because most of the bots do not use JavaScript, although recently it is changing. So this JavaScript cookie might not be the best option all the time. However, this is a much more straightforward method than the previous ones, as we just set the cookie, and we redirect page itself here. And basically that's all we don't do any other complicated redirects, as we described previously. Now these challenges are fine. However, when it comes to POST requests, as opposed to get, we need to consider a few things while applying those response challenges.

The first thing is the data sent in the post request Google lost in most cases. And when it comes to 302 redirect method, some browsers will convert the post request to a get request. So please bear that in mind while designing your for defenses. And as part of JavaScript redirect methods, some browsers may warn the users about this redirect to itself, which might cause an unnecessary panic on client side. And that's all matters that I would like to discuss. If you also know other matters, related to challenging the traffic's, you can mention in comments.

I will be waiting for your feedback on that.

Sign Up

Share

Share with friends, get 20% off
Invite your friends to LearnDesk learning marketplace. For each purchase they make, you get 20% off (upto $10) on your next purchase.