Hello,

I am collecting as much information as possible about HTTP(S) session attacks.

There is plenty of information about existing attacks, but I would like to know if some new breeds of attacks are now made possible, either by security flaws in popular software or technologies or by new, smarter security engineering.

Do you have any recommendations about new techniques or tools?

Thanks,

+1  A: 

There has been a very recent attack against HTTPS. The tool to perform this attack is called SSLStrip and was introduced in the Black Hat 2009 talk by Moxie Marlinspike. I highly recommend watching the video on that page.

So far Chrome is the only browser that has a partial fix for this issue. The patch is called STS and it must be enabled by the developer. Firefox is working on supporting STS. Microsoft and Apple are slow to adopt new security measures; they should eventually support this feature, but as far as I know they haven't announced anything.

In terms of new attack patterns, buffer overflows are on the way out and Dangling Pointers are in full swing. A Heap Overflow and a Dangling Pointer vulnerability were chained together to win Pwn2Own 2010 for IE under Windows 7. Classic stack-based buffer overflows are difficult to exploit on modern systems with NX-bit, Canaries and ASLR. However, Dangling Pointers can be used to bypass these new security measures.

Rook
Hi, Thank you for your response ...
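The answer above says STS must be enabled by the developer. As an added example (not part of the original thread), this Python check audits a response for the settings that decide whether a browser will refuse the HTTPS-to-HTTP downgrade, using the `Strict-Transport-Security` header as standardized in RFC 6797. The sample responses are constructed, and the 180-day `min_age` threshold and the function names are assumptions.

```python
import re

# Constructed sample responses (scheme, header list); not captured traffic.
SAMPLES = {
    "good": ("https", [("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
                       ("Set-Cookie", "sid=abc; Secure; HttpOnly")]),
    "weak": ("https", [("strict-transport-security", 'max-age="0"'),
                       ("Set-Cookie", "sid=abc; HttpOnly")]),
    "plain": ("http", [("Strict-Transport-Security", "max-age=31536000")]),
}

def parse_sts(value):
    """Parse a Strict-Transport-Security value (RFC 6797); None if invalid."""
    directives = {}
    for part in value.split(";"):
        name, _, arg = part.partition("=")
        name = name.strip().lower()          # directive names are case-insensitive
        if not name:
            continue
        if name in directives:               # a repeated directive invalidates the header
            return None
        directives[name] = arg.strip().strip('"')
    if not re.fullmatch(r"[0-9]+", directives.get("max-age", "")):
        return None                          # max-age is mandatory and numeric
    return {"max_age": int(directives["max-age"]),
            "include_subdomains": "includesubdomains" in directives}

def audit(scheme, headers, min_age=15552000):   # min_age (180 days) is an assumed policy
    """Return findings that leave a client exposed to an HTTPS-to-HTTP downgrade."""
    findings = []
    sts = [v for k, v in headers if k.lower() == "strict-transport-security"]
    if scheme != "https":
        if sts:
            findings.append("STS header sent over HTTP is ignored by browsers")
        return findings + ["response served without TLS"]
    policy = parse_sts(sts[0]) if sts else None  # browsers process only the first header
    if policy is None:
        findings.append("no valid STS policy")
    elif policy["max_age"] == 0:
        findings.append("max-age=0 removes the STS policy")
    elif policy["max_age"] < min_age:
        findings.append("max-age below policy minimum")
    if policy and not policy["include_subdomains"]:
        findings.append("subdomains not covered")
    for k, v in headers:
        attrs = [a.strip().lower() for a in v.split(";")[1:]]
        if k.lower() == "set-cookie" and "secure" not in attrs:
            findings.append("cookie without Secure flag: " + v.split("=")[0])
    return findings
```

A policy only takes effect after the browser has seen it once over a valid HTTPS connection, so the first visit to a site remains outside what this check can confirm.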