Krzysztof Kotowicz is a web security researcher specializing in the discovery and exploitation of HTML5 vulnerabilities. He is the author of multiple recognized HTML5/UI redressing attack vectors and a speaker at international IT security conferences and meetings (SecurityByte 2011, HackPra 2011, OWASP, Tech Krakspot). He works as an IT security consultant with Securing.pl and as an IT security trainer with Niebezpiecznik.pl, and is the author of the "Hacking HTML5" training program. He takes part in multiple security bug bounty programs (Google Security Bug Bounty, Facebook White Hat, Piwik Security Bug Bounty).
The presentation will show recent HTML5-related vulnerabilities and UI redressing vectors combined into complete attacks. In particular it will cover:
- using the IFRAME sandbox attribute as a universal anti-frame-buster ( http://html5sec.org/#122 )
- using HTML5 Cross-Origin Resource Sharing (CORS) as a CSRF technique
- using CORS for a silent CSRF file upload ( http://blog.kotowicz.net/2011/04/how-to-upload-arbitrary-file-contents.html )
- the drag-into UI redressing vector and exploiting 'unexploitable' XSS through it ( http://blog.kotowicz.net/2011/03/exploiting-unexploitable-xss-with.html )
- the drag-out UI redressing vector and using it to extract sensitive data such as anti-CSRF tokens and session IDs
- using the view-source: pseudo-protocol
- the "fake captcha" UI redressing vector ( http://blog.kotowicz.net/2011/07/cross-domain-content-extraction-with.html )