Ajax (in)security presented at BlackhatUSA 2006

by Billy Hoffman,

Summary : Ajax can mean different things to different people. To a user, Ajax means smooth web applications like Google Maps or Outlook Web Access. To a developer, Ajax provides methods to enrich a user's experience with a web application by reducing latency and offloading complex tasks on the client. To an information architect, Ajax means fundamentally changing the design of web applications so they span both client and server. To the security professional, Ajax makes life difficult by increasing the attack surface of web applications and exposing internal logic layers to the entire network. With 70% of attacks coming through the application layer, Ajax makes the job of securing web applications that much harder.
This presentation will comprehensively discuss the fundamental security issues of Ajax These include browser/server interact issues, application design issues, vulnerabilities in work-arounds like Ajax bridges, and how the hype surrounding Web 2.0 applications is making things worse. Specifically we will examine the different attack methodologies used against Ajax applications, how Ajax increases the danger of XSS attacks, the dangers of exposing your application logic layer to the network, how bridges can be used to exploit 3rd party sites, and more . Finally we discuss how to properly design an Ajax application to avoid these security issues and demonstrate methods to secure existing applications.
Participates should have a good understanding of HTTP, JavaScript, and be familiar with web application design.