Javascript injection{4}


by Caezar M
Summary:

This journal is about ways to detect malicious code in JavaScript. At the time the article was written, there had been little success in determining whether malicious code had been injected into your server. It is very difficult to differentiate between good and bad code. The authors of this journal have come up with a method that is successful in detecting malicious code. This is achieved by inserting comment statements at the beginning and end of legitimate blocks of code, accompanied by identical random tokens. By testing response pages for blocks of uncommented code, they are able to remove attacker code. If response pages do have comments, they are scanned for the random tokens, and any tokens present that are not valid are identified as attacker code and removed. The drawback the authors ran into was that this approach made it very difficult to inject legitimate code because of the filtering system. The authors had good results and plan to make automated tools to handle the tasks.
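The following is an added example, not code from the paper or its authors: a simplified Node.js sketch of the check summarized above, applied only to inline `<script>` blocks. The function names, the token format (16 random bytes as hex) and the sample page are assumptions made for illustration.

```javascript
const { randomBytes } = require("crypto");

// Assumption: one fresh, unguessable token per response.
function newToken() {
  return randomBytes(16).toString("hex");
}

// Server side: wrap a legitimate script body in two comments with the same token.
function wrapLegitimate(code, token) {
  return `/*${token}*/${code}/*${token}*/`;
}

// A block is legitimate only if it opens and closes with a comment, both
// comments carry the same token, and the server issued that token.
function isLegitimate(body, issued) {
  const m = body.trim().match(/^\/\*([0-9a-f]+)\*\/[\s\S]*\/\*([0-9a-f]+)\*\/$/);
  if (!m) return false;            // uncommented block
  if (m[1] !== m[2]) return false; // start and end tokens differ
  return issued.has(m[1]);         // token must be one the server generated
}

// Response filter: drop every inline script block that fails the check.
function filterResponse(html, issued) {
  const removed = [];
  const clean = html.replace(/<script\b[^>]*>([\s\S]*?)<\/script>/gi, (block, body) => {
    if (isLegitimate(body, issued)) return block;
    removed.push(body.trim());
    return "";
  });
  return { clean, removed };
}

// Constructed sample page: one legitimate block and two injected ones.
function demo() {
  const token = newToken();
  const page = [
    "<p>Hello</p>",
    `<script>${wrapLegitimate("render();", token)}</script>`,
    "<script>injectedOne()</script>",                       // no comments
    "<script>/*deadbeef*/injectedTwo()/*deadbeef*/</script>", // forged token
  ].join("\n");
  return filterResponse(page, new Set([token]));
}
```

The forged block shows why the tokens must be random: an injected script that copies the comment format is still removed unless it can guess a token the server issued.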

Response:

It is interesting to see that there is more than one way to attack servers. In our database class we were enthralled by the rate at which SQL injection was proliferating all over the place. It is interesting to know that there is no lack of creativity among hackers. But this journal made me think that the process they came up with, however efficient, must take quite a bit of time to run; in this day and age we cannot waste any time in getting results, and anything that slows us down will take a toll on business. Other than that, I am impressed with their unique strategy for solving JavaScript injection problems and being able to block multiple types of injection attacks.


Shahriar H, Zulkernine M. (2011). Injecting Comments to Detect JavaScript Code Injection Attacks. Computer Software and Applications Conference Workshops (COMPSACW), 2011 IEEE 35th Annual. 104-109.