all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Hijacking service workers via DOM Clobbering

Add to bookmarks
Nov. 29, 2022, 2 p.m. |

PortSwigger Research portswigger.net

In this post, we'll briefly review how service worker hijacking works, then introduce a variant that can be triggered via DOM clobbering thanks to a quirk in document.getElementById(). Understanding s

dom hijacking service workers

Visit resource

More from portswigger.net / PortSwigger Research

Making Desync attacks easy with TRACE 4 weeks, 2 days ago | portswigger.net
attacks can constraints easy +8
Using form hijacking to bypass CSP 1 month, 1 week ago | portswigger.net
bypass can configuration csp +6
Top 10 web hacking techniques of 2023 1 month, 4 weeks ago | portswigger.net
community hacking identify research +7
Hiding payloads in Java source code strings 2 months, 3 weeks ago | portswigger.net
abuse can code conceal +5
Top 10 web hacking techniques of 2023 - nominations open 3 months, 1 week ago | portswigger.net
blog blog posts community hacking +8
Finding that one weird endpoint, with Bambdas 4 months ago | portswigger.net
act balancing act concepts endpoint +6
Blind CSS Exfiltration: exfiltrate unknown web pages 4 months, 1 week ago | portswigger.net
css discover exfiltration gif +3
The single-packet attack: making remote race-conditions 'local' 6 months ago | portswigger.net
attack conditions effectively http +10
How to build custom scanners for web security research automation 6 months, 2 weeks ago | portswigger.net
aid attack automation build +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Deputy Chief Information Security Officer

@ City of Philadelphia | Philadelphia, PA, United States
View on infosec-jobs.com

Global Cybersecurity Expert

@ CMA CGM | Mumbai, IN
View on infosec-jobs.com

Senior Security Operations Engineer

@ EarnIn | Mexico
View on infosec-jobs.com

Cyber Technologist (Sales Engineer)

@ Darktrace | London
View on infosec-jobs.com
View more jobs