It's a shampoo world anyway
 
Sonntag, 4. Februar 2007


Using Java in anti DNS-pinning attacks (Firefox and Opera)

As the JavaVM employs its own DNS-pinning, Java applets are in general unaffected by anti DNS-pinning attacks. However, Kanatoko and I recently came up with a method that enables the usage Java code in anti DNS-pinning attacks anyway (at least in Firefox and Opera).

The JavaScript-engines of the Firefox and Opera browsers offer a nice interface to Java classes: The LiveConnect feature of JavaScript 1.5, which allows to instantiate and access objects from the JDK. For example a Java socket can be opened this way:

var Socket = new java.net.Socket(host,port);

It turns out that if such a JavaScript-to-Java call is executed after the DNS-pinning has been broken, the JVM uses the newly assigned DNS entry (now pointing to an intranet host). While it is probably not as powerful as using arbitrary Java applets, this method still expands the means of an anti-pinning attack significantly (especially if the attacked browser does not allow Flash). Check out Kanatoko's demo that uses the Java socket class to do a low level portscan.

It is about time for the browser vendors to start getting active in respect to anti-pinning issues.

 
online for 8377 Days
last updated: 09.04.14, 16:14
status
Youre not logged in ... Login
menu
... home
... topics

... antville home

Oktober 2024
So.Mo.Di.Mi.Do.Fr.Sa.
12345
6789101112
13141516171819
20212223242526
2728293031
Juni
about:
the shampoo world is
the personal weblog of Martin Johns.
recent

xml version of this page

Made with Antville
powered by
Helma Object Publisher




...welcome to the long tail...