This talk highlights potential attacks against web applications that use Ajax and XHR technology. The first part of the talk introduces Ajax and related technologies. The second part focuses on potential attacks and their consequences, including some scenarios in which the same-origin policy (SOP) is bypassed.
28. Web worms – Comparison

So the question is: can you think about the impact of the next cross-domain web worm?

| Worm | Target Domain(s) | Cross Domain? | Impact |
|---|---|---|---|
| Samy worm | Myspace.com | No | 1 million users affected |
| Yamanner worm | Yahoo.com | No | Unknown number of Yahoo users affected |
| Nduja worm | Tiscali.it, Libero.it, Lycos.it, Excite.com | Yes | N/A – This is a PoC |