It's a shampoo world anyway
Sonntag, 4. Februar 2007

Using Java in anti DNS-pinning attacks (Firefox and Opera)

As the JavaVM employs its own DNS-pinning, Java applets are in general unaffected by anti DNS-pinning attacks. However, Kanatoko and I recently came up with a method that enables the usage Java code in anti DNS-pinning attacks anyway (at least in Firefox and Opera).

The JavaScript-engines of the Firefox and Opera browsers offer a nice interface to Java classes: The LiveConnect feature of JavaScript 1.5, which allows to instantiate and access objects from the JDK. For example a Java socket can be opened this way:

var Socket = new,port);

It turns out that if such a JavaScript-to-Java call is executed after the DNS-pinning has been broken, the JVM uses the newly assigned DNS entry (now pointing to an intranet host). While it is probably not as powerful as using arbitrary Java applets, this method still expands the means of an anti-pinning attack significantly (especially if the attacked browser does not allow Flash). Check out Kanatoko's demo that uses the Java socket class to do a low level portscan.

It is about time for the browser vendors to start getting active in respect to anti-pinning issues.

online for 7217 Days
last updated: 09.04.14, 16:14
Youre not logged in ... Login
... home
... topics

... antville home

August 2021
the shampoo world is
the personal weblog of Martin Johns.

xml version of this page

Made with Antville
powered by
Helma Object Publisher

...welcome to the long tail...