Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: applet security connecting to hosts

from [Haroon Meer] Network Security [Permanent Link]
Subject: Re: applet security connecting to hosts
Date: Thu, 10 Mar 2005 08:42:45 +0200 
Hi..

> F Lace wrote:
> First off, can someone explain the security issue if an unsigned
> applet connects to a different host?
> Thanks.

There could be multiple reasons for this but a while back we spent some time writing an applet that _could_ bypass this restriction with the following aims :

[a] While applet has pretty pictures (or just duke doing hand-flips) moving in the users browser, the applet is port-scanning hosts on his internal network and sending the results back our server. (by connecting sequentially to ports on the internal host)

[b] Once our applet has scanned, and fingerprinted internal hosts we can also get it to attack internal hosts (all this while the user simply sees moving pictures in his browser)

I guess the threat of of applet that loads in your browser and then attacks "whitehouse.gov" is just as serious..

/mh

======================================================================
Haroon Meer                                                         MH
SensePost Information Security                          +27 83786 6637
PGP : http://www.sensepost.com/pgp/haroon.txt     haroon@sensepost.com
======================================================================

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  calling all software security tool vendors/freeware/open source project leads, Evans, Arian
Next by Date:  RE: Web security breach changes the lives of 119 people, Griffiths, Ian
Previous by Thread:  applet security connecting to hosts, F Lace
Next by Thread:  Re: applet security connecting to hosts, Jeremiah Grossman
Indexes:  [Date] [Thread] [Top] [All Lists]