Sonntag, 4. Februar 2007
Maddin, 4. Februar 2007 um 21:38:54 MEZ Using Java in anti DNS-pinning attacks (Firefox and Opera) As the JavaVM employs its own DNS-pinning, Java applets are in general unaffected by anti DNS-pinning attacks. However, Kanatoko and I recently came up with a method that enables the usage Java code in anti DNS-pinning attacks anyway (at least in Firefox and Opera). The JavaScript-engines of the Firefox and Opera browsers offer a nice interface to Java classes: The LiveConnect feature of JavaScript 1.5, which allows to instantiate and access objects from the JDK. For example a Java socket can be opened this way: It turns out that if such a JavaScript-to-Java call is executed after the DNS-pinning has been broken, the JVM uses the newly assigned DNS entry (now pointing to an intranet host). While it is probably not as powerful as using arbitrary Java applets, this method still expands the means of an anti-pinning attack significantly (especially if the attacked browser does not allow Flash). Check out Kanatoko's demo that uses the Java socket class to do a low level portscan. It is about time for the browser vendors to start getting active in respect to anti-pinning issues.
|
online for 8377 Days
last updated: 09.04.14, 16:14 Youre not logged in ... Login
click:
Martin Welt martinjohns.com Tumbling Nerd Alert Blogroll doomicile foobla simonox Podroll IT Conversations The Podcast about nothing |