Thread-topic: Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript
;-)
> -----Original Message-----
> From: Billy Hoffman [mailto:Billy.Hoffman@xxxxxxxxxxxxxxx]
> Sent: Thursday, July 27, 2006 7:48 PM
> To: websecurity@xxxxxxxxxxxxx
> Subject: [WEB SECURITY] Detecting, Analyzing, and Exploiting
> Intranet Applications using JavaScript
>
> Folks,
>
> SPI Labs has discovered a technique to scan a network,
> fingerprint all the web-enabled devices it finds, and send
> attacks or commands to those devices. This technique can scan
> networks protected behind firewalls such as corporate
> networks. All the code to do this is written in JavaScript
> and uses parts of the standard that are almost 10 years old.
> Accordingly, the code can execute in nearly any web browser
> on nearly any platform when a user simply opens a webpage
> that contains the JavaScript. Since this is not exploiting
> any browser bug or vulnerability, there is no patch or
> defense for the end user other than turning off JavaScript
> support in the browser. The code can be part of a Cross Site
> Scripting (XSS) attack payload, increasing the damage XSS can do.
>
> SPI has published a whitepaper about this technique and has
> also released proof-of-concept code that will portscan a
> given range of IPs and fingerprint Microsoft IIS and Apache boxes.
>
> Whitepaper:
> http://www.spidynamics.com/spilabs/education/articles/JS-portscan.html
>
> Proof of Concept: http://www.spidynamics.com/spilabs/js-port-scan/
>
> Have fun,
>
> Billy Hoffman
> --
> Lead R&D Engineer
> SPI Dynamics - http://www.spidynamics.com
> Phone: 678-781-4800
> Direct: 678-781-4845