Overview
Explore a novel web hacking technique that bypasses XSS mitigations through script gadgets in this 47-minute conference talk from AppSec EU 2017. Learn how attackers can abuse legitimate JavaScript code to execute malicious scripts, even in the presence of HTML sanitizers and Content Security Policy. Discover real-world examples of script gadgets in popular JavaScript libraries, APIs, and applications. Examine the process of injecting benign elements that match gadget selectors, leading to unintended script execution. Gain insights into the limitations of current XSS prevention methods and understand the potential risks associated with this technique. Delve into specific examples, including gadgets in Knockout.js and expression parsers, to better comprehend the mechanics of this attack vector. Conclude with a summary of the implications and potential future developments in this area of web security.
Syllabus
Intro
XSS mitigations
Selectors in Frameworks
Selectors - Example
XSS Example
Research
Results sneak peek
Example gadgets
Example: Knockout
Simple Script Gadgets
Gadgets in expression parsers
Bypassing mitigations with gadgets
Caveats
Summary
Outlook & Conclusion
Taught by
OWASP Foundation