Full resolution of 10 attack routes (attack vector)

An attacker could make a Dos attack through a replication node or generate an illegal XML that would cause server-side logic to break. An attacker can also manipulate external entities, causing any file or TCP connection ports to open. Poisoning with the definition of XML data can also cause changes in the running process to help attackers gain confidential information.

1. Cross-site scripting attacks in Ajax

example, the Yamanner worm exploited the Ajax cross-site scripting vulnerabilities of Yahoo Mail, and the Samy worm exploited MySpace.com's cross-site scripting vulnerabilities.

2. XML Poisoning (poisoning)

An attacker could make a Dos attack through a replication node or generate an illegal XML that would cause server-side logic to break. An attacker can also manipulate external entities, causing any file or TCP connection ports to open. Poisoning with the definition of XML data can also cause changes in the running process to help attackers gain confidential information.

3. Running a malicious AJAX code

Ajax coding can be done in a situation not known to the user, if the user first login to a confidential site, the confidential site returned a session cookie, and then the user did not exit the confidential site in the case of access to the attacker's website, the attacker's Web page AJAX encoding can be (through this session cookie.) To access the Web pages on a confidential website, thereby stealing confidential information from users. (Note: The explanation here is a bit vague, in theory, the browser will not pass a Web site session cookie to another site, which is the phrase "when the" browser makes a AJAX call to any Web site it replays Cook IES for each request. ", not quite right)

4. Rss/atom Injection

Attackers can inject JavaScript scripts into the RSS feeds, which can cause problems in the browser if the server does not filter out the scripts.

5. WSDL Scans and enumerations

WSDL provides information about the technologies used by Web services, as well as exposed methods, modes of invocation, and so on. If the Web service does not prohibit unnecessary methods, an attacker could find a potential point of attack through a WSDL scan.

6. Data validation in client-side AJAX coding

If the developer relies on client-side validation only and does not authenticate at the server end, it can lead to SQL injection, LDAP injection, and so on.

7. Web Service Routing problems

The Web Service security protocol uses the Ws-routing service, and if any transit point is captured, the SOAP message can be intercepted.

8. Parameter operations for SOAP messages

Similar to SQL injection, if the data for a node in a SOAP message is not validated.

9. XPath injection of SOAP messages

Similar to SQL injection, if the data is not validated by direct XPath query.

10. To RIA Fat client binary file operation

Because rich Internet applications components are downloaded to the browser local, attackers can reverse-engineer binary files, decompile the code, and skip authentication logic by altering files.