HTML5 Security Risk Analysis II: Web Storage attacks

Source: Internet
Author: User
Tags: sessionstorage

Previous: http://www.bkjia.com/Article/201209/154081.html

I. Introduction to WebStorage

HTML5 introduces Web Storage, which lets developers create client-side storage for an application and keep useful state in it. LocalStorage, for example, persists across browser sessions and offers a comparatively large quota (about 5 MB per origin), which addresses the main drawbacks of keeping client-side data in cookies: their small capacity, the awkward access interface, and the ease with which they are cleared. This gives the client a great deal of flexibility.

II. Attack methods

The LocalStorage API is exposed through JavaScript, so any attacker who can run script on the origin (for example through an XSS vulnerability) can read everything stored there, such as user tokens or application data. The following script walks local storage and prints every entry.


if (localStorage.length) {
    // key(i) returns only the stored entries; a for-in loop over localStorage
    // would also enumerate prototype members such as getItem and setItem
    for (var i = 0; i < localStorage.length; i++) {
        var key = localStorage.key(i);
        console.log(key);
        console.log(localStorage.getItem(key));
    }
}
LocalStorage is not the only place from which local information leaks. Many developers have the bad habit of putting key information (usernames, passwords, e-mail addresses) into global variables for convenience. Data that is not confined to an appropriate scope can cause serious security problems; for example, the following script enumerates the global object and prints every object or string it finds.

for (var i in window) {
    var obj = window[i];
    if (obj === null || obj === undefined) {
        continue;
    }
    var type = typeof obj;
    if (type === "object" || type === "string") {
        console.log("Name: " + i);
        try {
            console.log(JSON.stringify(obj));
        } catch (ex) {
            // circular structures (window itself, DOM nodes) cannot be serialized
        }
    }
}

III. Attack tools

HTML5dump describes itself as "JavaScript that dumps all HTML5 local storage". It outputs HTML5 SessionStorage, LocalStorage, global variables, and local database storage in one pass.

 

IV. Defense

The following measures defend against WebStorage attacks:

1. Keep data in the appropriate scope

For example, a session ID that must live on the client belongs in sessionStorage rather than LocalStorage: it is scoped to a single tab and discarded when that tab closes, which shrinks the window in which a stolen copy stays useful. Note that sessionStorage is still readable by any script running on the origin, so for session identifiers an HttpOnly cookie, which script cannot read at all, is the stronger choice. User data should not be held in global variables but in local variables or closure scope.

2. Do not store sensitive information

Because we can never be certain that a page is free of security issues such as XSS, and Web Storage has no equivalent of a cookie's HttpOnly flag, important data (credentials, session tokens, personal information) must not be stored in WebStorage at all.
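The following is an added example, not code from the original article or from HTML5dump: it runs the section II sweep (storage dump plus global-variable scan) against a client that follows the vulnerable pattern and one that follows the two defenses above. It runs under Node without a browser: makeStorage() is a constructed stand-in for window.localStorage, and vulnerableApp, hardenedApp, dumpStorage, scanGlobals and assess are hypothetical names chosen for this example.

```javascript
// Added example (not from the original article). makeStorage() is a constructed
// in-memory stand-in for window.localStorage; all function names are hypothetical.

// In-memory stand-in for a DOM Storage object (same length/key/getItem/setItem API).
function makeStorage() {
  const data = new Map();
  return {
    get length() { return data.size; },
    key(i) { const keys = Array.from(data.keys()); return i < keys.length ? keys[i] : null; },
    getItem(k) { return data.has(k) ? data.get(k) : null; },
    setItem(k, v) { data.set(String(k), String(v)); },
    removeItem(k) { data.delete(k); },
    clear() { data.clear(); }
  };
}

// Walk every stored entry. Iterating with key(i) returns only stored items;
// a for-in loop over a real Storage object also yields prototype members.
function dumpStorage(storage) {
  const out = {};
  for (let i = 0; i < storage.length; i++) {
    const k = storage.key(i);
    out[k] = storage.getItem(k);
  }
  return out;
}

// Global-object sweep: return the names of globals whose name or serialized
// value looks like a credential. Same traversal as section II, plus a filter.
const SECRET_PATTERN = /token|session|passw|secret|apikey/i;
function scanGlobals(globalObj) {
  const hits = [];
  for (const name of Object.keys(globalObj)) {
    const value = globalObj[name];
    if (value === null || value === undefined) continue;
    const type = typeof value;
    if (type !== "object" && type !== "string") continue;
    let serialized;
    try {
      serialized = JSON.stringify(value);
    } catch (e) {
      continue; // circular structures (window itself, DOM nodes) throw here
    }
    if (SECRET_PATTERN.test(name) || SECRET_PATTERN.test(serialized)) hits.push(name);
  }
  return hits;
}

// Vulnerable pattern: the session token is persisted in localStorage and the
// user record, password included, sits on the global object.
function vulnerableApp(win) {
  win.localStorage = makeStorage();
  win.localStorage.setItem("sessionToken", "constructed-session-token");
  win.currentUser = { name: "alice", email: "alice@example.com", password: "hunter2" };
}

// Hardened pattern: the session identifier stays in an HttpOnly cookie set by the
// server (never reachable from script, so not modelled here), user state lives in
// closure scope rather than on window, and Web Storage holds only a preference.
function hardenedApp(win) {
  win.localStorage = makeStorage();
  win.localStorage.setItem("theme", "dark");
  const session = (function () {
    let userName = "alice";                                   // private to the closure
    return { greeting: function () { return "Hi " + userName; } };
  })();
  win.app = { greeting: session.greeting };                   // functions are not serialized
}

// Run the section II sweep against a fresh "window" populated by setup.
function assess(setup) {
  const win = {};
  setup(win);
  return { storage: dumpStorage(win.localStorage), globals: scanGlobals(win) };
}

console.log("vulnerable:", JSON.stringify(assess(vulnerableApp)));
console.log("hardened:  ", JSON.stringify(assess(hardenedApp)));
```

Running it prints the vulnerable client's sessionToken entry and the currentUser global (flagged because its serialized value contains "password"), and for the hardened client only the theme preference and no globals. Moving the token from localStorage to sessionStorage would not change what dumpStorage returns; only taking the token out of script reach, as the hardened client does, defeats the sweep.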

From: http://blog.csdn.net/hfahe/article/details/7961618
