cgi browser cgi
play

CGI-Browser-CGI qux.com foo.org geht.net bar.com . p.1/ ?? - PowerPoint PPT Presentation

Jun 11, 2023 •178 likes •459 views

CGI-Browser-CGI qux.com foo.org geht.net bar.com . p.1/ ?? CGI-Browser-CGI qux.com foo.org /cgibin/img.pl /cgibin/img.pl geht.net bar.com /cgibin/img.pl /cgibin/img.pl . p.1/ ?? CGI-Browser-CGI qux.com foo.org

  1. CGI-Browser-CGI qux.com foo.org geht.net bar.com . – p.1/ ??

  2. CGI-Browser-CGI qux.com foo.org /cgi−bin/img.pl /cgi−bin/img.pl geht.net bar.com /cgi−bin/img.pl /cgi−bin/img.pl . – p.1/ ??

  3. CGI-Browser-CGI qux.com foo.org /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif geht.net bar.com /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif . – p.1/ ??

  4. CGI-Browser-CGI qux.com foo.org /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif geht.net bar.com /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif http://harmless.org/index.html . – p.1/ ??

  5. CGI-Browser-CGI qux.com foo.org /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif geht.net bar.com /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif http://harmless.org/index.html <img src="http://foo.org/cgi−bin/img.pl"> . – p.1/ ??

  6. CGI-Browser-CGI qux.com foo.org /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif geht.net bar.com /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif http://harmless.org/index.html <img src="http://foo.org/cgi−bin/img.pl"> . – p.1/ ??

  7. CGI-Browser-CGI qux.com foo.org /cgi−bin/img.pl /cgi−bin/img.pl img.gif geht.net bar.com spool /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif http://harmless.org/index.html <img src="http://foo.org/cgi−bin/img.pl"> . – p.1/ ??

  8. CGI-Browser-CGI qux.com foo.org /cgi−bin/img.pl /cgi−bin/img.pl img.gif geht.net bar.com spool /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif http://harmless.org/index.html 303 Location http://geht.net/cgi−bin/img.pl?id=aswHu3gw49hh4... <img src="http://foo.org/cgi−bin/img.pl"> . – p.1/ ??

  9. CGI-Browser-CGI qux.com foo.org /cgi−bin/img.pl /cgi−bin/img.pl img.gif geht.net bar.com /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif http://harmless.org/index.html GET /cgi−bin/img.pl?id=aswHu3gw49hh4... . – p.1/ ??

  10. CGI-Browser-CGI qux.com foo.org /cgi−bin/img.pl /cgi−bin/img.pl img.gif geht.net bar.com /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif spool http://harmless.org/index.html . – p.1/ ??

  11. CGI-Browser-CGI qux.com foo.org /cgi−bin/img.pl /cgi−bin/img.pl img.gif geht.net bar.com /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif 500 http://harmless.org/index.html Content−Type: image/gif .... . – p.1/ ??

  12. CGI-Browser-CGI qux.com foo.org geht.net bar.com http://some.com/index.html http://some.com/index.html http://some.com/index.html http://some.com/index.html . – p.1/ ??

  13. Same with Acks qux.com foo.org geht.net bar.com http://some.com/index.html <frame src="http://foo.org/ cgi−bin/img.pl"> . – p.2/ ??

  14. Same with Acks qux.com foo.org geht.net bar.com 303 Location http://geht.net/cgi−bin/img.pl?id=9gXe0pl1f... http://some.com/index.html <frame src="http://foo.org/ cgi−bin/img.pl"> . – p.2/ ??

  15. Same with Acks qux.com foo.org geht.net bar.com http://some.com/index.html <frame src="http://foo.org/ cgi−bin/img.pl"> GET /cgi−bin/img.pl?id=9gXe0pl1f... . – p.2/ ??

  16. Same with Acks qux.com foo.org geht.net bar.com http://some.com/index.html <img src="http://foo.org/ cgi−bin/img.pl?ack=0xd34.."> . – p.2/ ??

  17. Same with Acks qux.com foo.org geht.net bar.com GET /cgi−bin/img.pl?ack=0xd34... http://some.com/index.html <img src="http://foo.org/ cgi−bin/img.pl?ack=0xd34.."> . – p.2/ ??

  18. Same with Acks qux.com foo.org geht.net bar.com 500 Content−Type: image/gif ... http://some.com/index.html <img src="http://foo.org/ cgi−bin/img.pl?ack=0xd34.."> . – p.2/ ??

  19. � Other ways Cookies with Domain= .something.tld (Broadcast) . – p.3/ ??

  20. � � Other ways Cookies with Domain= .something.tld (Broadcast) Javascript: . – p.3/ ??

  21. � � � Other ways Cookies with Domain= .something.tld (Broadcast) Javascript: submit prepared FORMs OnLoad . – p.3/ ??

  22. � � � � Other ways Cookies with Domain= .something.tld (Broadcast) Javascript: submit prepared FORMs OnLoad Talking Frames ? . – p.3/ ??

  23. � End Points Have the receiver parse the HTML with a script. . – p.4/ ??

  24. � � End Points Have the receiver parse the HTML with a script. Steganography, but: Where on the Web are images unique per request with sufficient entropy? . – p.4/ ??

  25. � � � End Points Have the receiver parse the HTML with a script. Steganography, but: Where on the Web are images unique per request with sufficient entropy? . – p.4/ ??

  26. � Properties Hapless browsers transport the data, indistinguishable from users of the PET . – p.5/ ??

  27. � � Properties Hapless browsers transport the data, indistinguishable from users of the PET Established protocol (Firewalls, NAT,..) . – p.5/ ??

  28. � � � Properties Hapless browsers transport the data, indistinguishable from users of the PET Established protocol (Firewalls, NAT,..) Anonymity set depends on popularity of web pages . – p.5/ ??

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Browser and Network request Browser website CS 4803 reply Network OS Computer and Network

Browser and Network request Browser website CS 4803 reply Network OS Computer and Network

Browser and Network request Browser website CS 4803 reply Network OS Computer and Network Security Hardware Alexandra (Sasha) Boldyreva Browser sends requests May reveal private information (in forms, cookies) Web security.

517 views • 7 slides
RequireJS Javascript Modules for the Browser By Ben Keith Quoin, Inc. Traditional Browser JS

RequireJS Javascript Modules for the Browser By Ben Keith Quoin, Inc. Traditional Browser JS

RequireJS Javascript Modules for the Browser By Ben Keith Quoin, Inc. Traditional Browser JS One global namespace Often inline JS code embedded directly in HTML Many &lt;script&gt; tags with hidden ordering dependencies Very

362 views • 15 slides
Circumventing Internet censorship with Tor Philipp Winter The Tor Project What Tor Browser does

Circumventing Internet censorship with Tor Philipp Winter The Tor Project What Tor Browser does

Circumventing Internet censorship with Tor Philipp Winter The Tor Project What Tor Browser does Standard Tor is easy to block GetTor helps you get Tor Browser GetTor helps you get Tor Browser Tor Browser ships with default

567 views • 24 slides
THE BROWSER IS DEAD Dan North Dan North &amp; Associates LONG LIVE THE BROWSER! Dan North

THE BROWSER IS DEAD Dan North Dan North &amp; Associates LONG LIVE THE BROWSER! Dan North

THE BROWSER IS DEAD Dan North Dan North &amp; Associates LONG LIVE THE BROWSER! Dan North Dan North &amp; Associates The gangs 1990: Tim Berners-Lee - (WorldWideWeb) 1993: NCSA Mosaic 1994: Netscape - Navigator 1995: Microsoft -

971 views • 21 slides
CS371m - Mobile Computing WebView and Web Services Using Built In Browser App To use the

CS371m - Mobile Computing WebView and Web Services Using Built In Browser App To use the

CS371m - Mobile Computing WebView and Web Services Using Built In Browser App To use the built in browser create an Intent and start the Activity 2 WebView A View that display web pages basis for creating your own web browser OR

1.28k views • 54 slides
GWT-Gears The Browser is the Platform The Browser is the Platform Didier Girard

GWT-Gears The Browser is the Platform The Browser is the Platform Didier Girard

GWT-Gears The Browser is the Platform The Browser is the Platform Didier Girard girard.d@sfeir.com Sfeir CTO Member of OSSGTP Before starting, some questions Who knows javascript ? Who is a javascript expert ? Who knows java ?

1.57k views • 93 slides
Google Chrome The Invisible Browser Ben Goodger Tech Lead, User Interface Google Inc.

Google Chrome The Invisible Browser Ben Goodger Tech Lead, User Interface Google Inc.

Google Chrome The Invisible Browser Ben Goodger Tech Lead, User Interface Google Inc. Beginnings A new browser... a new opportunity A modern platform for web applications Objective: An Invisible Browser Deliver a transparent experience:

557 views • 9 slides
WEB AND BROWSER SECURITY Ben Livshits, Microsoft Research Web Application Vulnerabilities &amp;

WEB AND BROWSER SECURITY Ben Livshits, Microsoft Research Web Application Vulnerabilities &amp;

WEB AND BROWSER SECURITY Ben Livshits, Microsoft Research Web Application Vulnerabilities &amp; Defenses 2 Server-side woes Browser mechanisms: Same origin SQL injection Cross-domain request XSS overview Content

738 views • 50 slides
Browser UX in VR Is The Web Accessible at All in VR? Oculus Overview Virtual Desktop &amp;

Browser UX in VR Is The Web Accessible at All in VR? Oculus Overview Virtual Desktop &amp;

Oculus Browser UX in VR Is The Web Accessible at All in VR? Oculus Overview Virtual Desktop &amp; Browser VR Apps Have Long Engagement Times How? Did they do something special? Uncomfortable Yet Still Compelling Content High

362 views • 6 slides
If you are viewing this presentation in a PDF, please stop and open the slides in browser (slides

If you are viewing this presentation in a PDF, please stop and open the slides in browser (slides

If you are viewing this presentation in a PDF, please stop and open the slides in browser (slides in the browser look way better): https://switowski.github.io/functional-css-talk/ 1 1 Maintainable CSS with visual regression testing and

850 views • 37 slides
Download for PC The most accessible web browser available. Download Step 1:

Download for PC The most accessible web browser available. Download Step 1:

Download for PC The most accessible web browser available. Download Step 1: https://www.google.com/intl/en/chrome/browser/ Step 2: Accept Terms of Service Download Step 3: Double Click on Download Step 4: Run Installation Download Select

496 views • 14 slides
How to protect your browser 0-day Codenamed #IRONSQUIRREL TS//SI//FVEY FOUO//SI//FVEY Zoltan

How to protect your browser 0-day Codenamed #IRONSQUIRREL TS//SI//FVEY FOUO//SI//FVEY Zoltan

How to protect your browser 0-day Codenamed #IRONSQUIRREL TS//SI//FVEY FOUO//SI//FVEY Zoltan Balazs MRG Effitas 2017 November Whoami? Zombie Browser Toolkit https://github.com/Z6543/ZombieBrowserPack HWFW Bypass tool Idea later(?)

711 views • 55 slides
Understanding and Combating Man-in-the- Browser Attacks 22 nd Annual FIRST Conference 16 June

Understanding and Combating Man-in-the- Browser Attacks 22 nd Annual FIRST Conference 16 June

Understanding and Combating Man-in-the- Browser Attacks 22 nd Annual FIRST Conference 16 June 2010 Jason Milletary Topics What is a Man-in-the-Browser Attack? How are they used? How can I identify and mitigate when they are

207 views • 18 slides
L2: Browser/HTML/Accessibility Web Engineering 188.951 2VU SS20 Jrgen Cito L2:

L2: Browser/HTML/Accessibility Web Engineering 188.951 2VU SS20 Jrgen Cito L2:

L2: Browser/HTML/Accessibility Web Engineering 188.951 2VU SS20 Jrgen Cito L2: Browser/HTML/Accessibility Browser Overview Semantic HTML Accessibility for the Web Web Accessibility Initiative (WAI) Learning Goals

513 views • 34 slides
Browser testing via Selenium What is Selenium? Browser framework - automating user-level

Browser testing via Selenium What is Selenium? Browser framework - automating user-level

Browser testing via Selenium What is Selenium? Browser framework - automating user-level testing Has a method for saving scripts - but its not very good Good for testing behaviour that cant be tested any other way - e.g.

743 views • 9 slides
Designing the Browser @joshcarpenter, Google Oct 19 2016, W3C WebVR Workshop All browsers

Designing the Browser @joshcarpenter, Google Oct 19 2016, W3C WebVR Workshop All browsers

Designing the Browser @joshcarpenter, Google Oct 19 2016, W3C WebVR Workshop All browsers should... No UI dead zones: Maximize for creative freedom of 360 experiences. Do not take away real estate from developers by persisting browser UI

499 views • 16 slides
Achieving The Right Approach Dr Naheed Rana NHS RightCare Delivery Partner, London Diabetes Lead

Achieving The Right Approach Dr Naheed Rana NHS RightCare Delivery Partner, London Diabetes Lead

NHS RightCare Achieving The Right Approach Dr Naheed Rana NHS RightCare Delivery Partner, London Diabetes Lead 12th July 2018 What is NHS RightCare? NHS RightCare is a programme committed to reducing unwarranted variation to improve peoples

577 views • 18 slides
Roman Gorbonosov on behalf of the Beams Department Controls Group Based on the input from

Roman Gorbonosov on behalf of the Beams Department Controls Group Based on the input from

Roman Gorbonosov on behalf of the Beams Department Controls Group Based on the input from M.Arruat, V.Baggiolini, JC.Bau, M.Buttner, P.Charrue, S.Deghaye, E.Hatziangeli, G.Kruk, M.Lamont, A.Radeva, U.Raich, C.Roderick, J.Serrano, W.Sliwinski,

919 views • 72 slides
CCC COUNCIL MEETING March 25th, 2019 AGENDA Welcome and Introductions Task Forces

CCC COUNCIL MEETING March 25th, 2019 AGENDA Welcome and Introductions Task Forces

CCC COUNCIL MEETING March 25th, 2019 AGENDA Welcome and Introductions Task Forces Industry Working Group BREAK AAAS Recap and Next Year Discussion LUNCH Artificial Intelligence New Initiatives

617 views • 38 slides
The relative stable category Jon F. Carlson University of Georgia 19 February 2015,

The relative stable category Jon F. Carlson University of Georgia 19 February 2015,

The relative stable category Jon F. Carlson University of Georgia 19 February 2015, Friedrich-Schiller-Universit at, Jena Jon F. Carlson University of Georgia The relative stable category Ground Rules. k = a field of characteristic p ,

760 views • 47 slides
SSL and CGI and Everything else 15-441: Computer Networks Yours Truly Based on Slides By

SSL and CGI and Everything else 15-441: Computer Networks Yours Truly Based on Slides By

SSL and CGI and Everything else 15-441: Computer Networks Yours Truly Based on Slides By &quot;Generations of TAs P1 Final Submission (1) SSL (2) CGI (3) Daemonize SSL Adding the S in HTTPS Lets talk about Security Bad Guy

799 views • 59 slides
15-441: Computer Networks Recitation 3 P1 Lead TAs: Mingran Yang, Alex Bainbridge Agenda 1.

15-441: Computer Networks Recitation 3 P1 Lead TAs: Mingran Yang, Alex Bainbridge Agenda 1.

15-441: Computer Networks Recitation 3 P1 Lead TAs: Mingran Yang, Alex Bainbridge Agenda 1. Project 1 Checkpoint 3 2. Advanced Git 3. Q&amp;A Checkpoint 3 Due Sep 27, 2019 This is only for 15-641 students! You will need to daemonize your

541 views • 26 slides
T YPE -G UIDED W ORST -C ASE I NPUT G ENERATION Di Wang , Jan Hoffmann Carnegie Mellon

T YPE -G UIDED W ORST -C ASE I NPUT G ENERATION Di Wang , Jan Hoffmann Carnegie Mellon

T YPE -G UIDED W ORST -C ASE I NPUT G ENERATION Di Wang , Jan Hoffmann Carnegie Mellon University R ESOURCE A NALYSIS Programs 2 R ESOURCE A NALYSIS Programs Performance 2 R ESOURCE A NALYSIS Time Memory Power Programs Performance

1.12k views • 83 slides
Dynamic web content technologies CSCI 470: Web Science

Dynamic web content technologies CSCI 470: Web Science

Dynamic web content technologies CSCI 470: Web Science Keith Vertanen Overview Dynamic content What it is Sources of input CGI

506 views • 21 slides

More recommend