Thursday, August 03, 2006

Black Hat: Javascript Attacks on Steroids

Brian Krebs writes on Security Fix:

Just sat through a rather disturbing presentation here at Black Hat on how bad guys can use Javascript to circumvent hardware and software firewalls and wreak havoc on a target's internal network.

Jeremiah Grossman and T.C. Niedzialkowski, both of Santa Clara, Calif.-based WhiteHat Security, showed Javascript tricks that could allow attackers to monitor which sites users have visited, change the configuration of their firewalls, and even record victims' keyboard strokes.

Using a Web server he and Niedzialkowski had seeded with invisible code, Grossman demonstrated how he could view which sites a test browser had recently visited. The code also divulged the user's internal network address -- information that is supposed to be hidden by the firewall. Later in the demo, he showed a Javascript attack that altered the test victim's firewall settings to allow attackers to punch through directly into the internal network.

More here.


Post a Comment

<< Home