text.skipToContent text.skipToNavigation

The Browser Hacker's Handbook von Alcorn, Wade (eBook)

  • Erscheinungsdatum: 26.02.2014
  • Verlag: Wiley
eBook (ePUB)
42,99 €
inkl. gesetzl. MwSt.
Sofort per Download lieferbar

Online verfügbar

The Browser Hacker's Handbook

Hackers exploit browser vulnerabilities to attack deep within networks The Browser Hacker's Handbook gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods. The web browser has become the most popular and widely used computer 'program' in the world. As the gateway to the Internet, it is part of the storefront to any business that operates online, but it is also one of the most vulnerable entry points of any system. With attacks on the rise, companies are increasingly employing browser-hardening techniques to protect the unique vulnerabilities inherent in all currently used browsers. The Browser Hacker's Handbook thoroughly covers complex security issues and explores relevant topics such as: Bypassing the Same Origin Policy ARP spoofing, social engineering, and phishing to access browsers DNS tunneling, attacking web applications, and proxying - all from the browser Exploiting the browser and its ecosystem (plugins and extensions) Cross-origin attacks, including Inter-protocol Communication and Exploitation
The Browser Hacker's Handbook is written with a professional security engagement in mind. Leveraging browsers as pivot points into a target's network should form an integral component into any social engineering or red-team security assessment. This handbook provides a complete methodology to understand and structure your next browser penetration test.


    Format: ePUB
    Kopierschutz: AdobeDRM
    Seitenzahl: 650
    Erscheinungsdatum: 26.02.2014
    Sprache: Englisch
    ISBN: 9781118914359
    Verlag: Wiley
    Größe: 27276 kBytes
Weiterlesen weniger lesen

The Browser Hacker's Handbook

Chapter 2

Initiating Control

Your first browser hacking step is to capture control of your target browser. This is just like getting your foot in the front door. Whilst there are many other actions you need to achieve before realizing your final goal, this all-important step must be taken first in every instance. This is the Initiating Control phase of the browser hacking methodology.

Every time the web browser executes code from a web server, it opens the door to an opportunity for you to capture control. By executing web server code, the web browser is surrendering some influence. You need to craft a situation where the browser will run code that you have created. Once you accomplish this, you will have the opportunity to start twisting the browser's functionality against itself.

The Initiating Control phase may involve varying degrees of sophistication. There are many ways that you can execute your instructions; some are reasonably trivial and others require much more effort. The most obvious way to gain control is by your target simply browsing to your own web application.

Web application security testers will be aware and comfortable with a number of the techniques discussed in this chapter. In fact, a number of these are well known, widely published, and frequently dissected within the security community.

Once you have your instructions executing in the browser, you will need to examine and understand your constraints. But first let's jump in and explore ways to achieve this first phase of the methodology––Initiating Control.
Understanding Control Initiation

Your first challenge is to find a way to achieve a degree of influence over the target. To do this, you will want to somehow execute your preliminary instructions. Getting some initial code into the target browser is how you will initiate your control and start the browser hacking process.

This code takes many forms. For example, JavaScript, HTML, CSS, or any other browser-related logic can serve as a vehicle for initiating control. Sometimes this logic may even be encapsulated within a bytecode file, such as a malicious SWF (Adobe Flash format) file.

The technique by which you achieve control of your target will depend a lot on the circumstances surrounding the attack. If you use a compromised site, you can execute drive-by downloads. However, if you are spear-phishing users, then a Cross-site Scripting (XSS) weakness may be the best bet, and if you are sitting in a coffee shop, then network attacks may be the way to go. You will examine these forms of attack in the upcoming sections.

In this chapter, you will touch on the term hooking . Hooking a browser starts with the execution of the initial code and then extends into retaining the communication channel (which you will explore in the next chapter). Of course, first you need to get your precious instructions into the target browser so let's start there.
Control Initiation Techniques

You have a myriad of ways at your disposal to capture control of your target browsers. This is thanks to the explosive growth of the Internet, the complexity in modern browsers, the number of dynamically executable languages, and the confusing models of trust.

The remainder of this chapter discusses various control initiation methods but you shouldn't consider them an exhaustive set. The rapidly changing face of the browser will likely continue to yield different options for you.
Using Cross-site Scripting Attacks

Prior to the introduction of JavaScript into Netscape Navigator in 1995, 1 web content was mostly statically delivered HTML. If a website wanted to change any content, the user would typically have to click a link, which then initiated an entirely new HTTP request/response process. It was be

Weiterlesen weniger lesen