Slipping Past the Firewall DNS Rebinding with Pure Java Applets Billy K Rios (BK) and Nate McFeters.

Slides:



Advertisements
Similar presentations
URI Use and Abuse P\/\/N1ch1\/\/4. Contributing Authors Nathan McFeters – Senior Security Analyst – Ernst & Young Advanced Security Center, Chicago Billy.
Advertisements

Past, Present and Future By Eoin Keary and Jim Manico
The OWASP Foundation Web Application Security Host Apps Firewall Host Apps Database Host Web serverApp serverDB server Securing the.
VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation By : Shrinivas G. Deshpande Advisor: Dr. Chung E.
Internet Security Protocols
Web Server Programming
Muhammad Taimoor Khan
AJAX Presented by: Dickson Fu Dimas Ariawan Niels Andreassen Ryan Dial Jordan Nielson CMPUT 410 University of Alberta 2006.
1 Owais Mohammad Haq Department of Computer Science Eastern Michigan University April, 2005 Java Script.
Design of Web-based Systems IS Development: lecture 10.
Servlets and a little bit of Web Services Russell Beale.
USING FLASH IN HTML Topics Include: What is Flash? Why use Flash? Flash VS Other Methods What are some things I can do with flash? How can I start using.
Outline IS400: Development of Business Applications on the Internet Fall 2004 Instructor: Dr. Boris Jukic Server Side Web Technologies: Part 2.
Multiple Tiers in Action
Secure Collective Internet Defense (SCID) Yu Cai 05/30/2003
Computer Security and Penetration Testing
Browser Exploitation Framework (BeEF) Lab
 What I hate about you things people often do that hurt their Web site’s chances with search engines.
Remote Accessing Your Home Computer Using VNC and a Dynamic DNS Name.
Web-based Software Development - An introduction.
1 DNS Rebinding and Socket API Kanatoko
Is Your Website Hackable? Check with Acunetix Web Vulnerability Scanner. Acunetix Web Vulnerability Scanner V9.
1 CS 3870/CS 5870 Static and Dynamic Web Pages ASP.NET and IIS.
HTML5 Group 3: Dongyang Zhang, Wei Liu, Weizhou He, Yutong Wei, Yuxin Zhu.
Tutorial 7 Working with Multimedia. XP Introducing Multimedia Bandwidth is a measure of the amount of data that can be sent through a communication pipeline.
HTML Forms and Scripts. Session overview What are forms? Static vs dynamic Client-side scripts –JavaScript.
Databases and the Internet. Lecture Objectives Databases and the Internet Characteristics and Benefits of Internet Server-Side vs. Client-Side Special.
Internal NetworkExternal Network. Hub Internal NetworkExternal Network WS.
CSS/417 Introduction to Database Management Systems Workshop 5.
HTTP client wide area network (Internet) HTTP proxy HTTP server HTTP gateway firewall HTTP tunnel Copyright Springer Verlag Berlin Heidelberg 2004.
Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.
BLUEPRINT: Robust Prevention of Cross-site Scripting Attacks for Existing Browsers Mike Ter Louw, V.N. Venkatakrishnan University of Illinois at Chicago.
CS 493/693: Distributed Systems Programming V. “Juggy” Jagannathan CSEE, West Virginia University March 21, 2005.
JMeter SEGFAULT Arjun Bhasin Chakori Macherla Gunjan Raghav Jaideep Singh Vicky Sehrawat.
JavaScript Tabriz university Its September 1995.
1 Accelerated Web Development Course JavaScript and Client side programming Day 2 Rich Roth On The Net
20-753: Fundamentals of Web Programming 1 Lecture 1: Introduction Fundamentals of Web Programming Lecture 1: Introduction.
Chapter 34 Java Technology for Active Web Documents methods used to provide continuous Web updates to browser – Server push – Active documents.
JAVA Java is a programming language and computing platform first released by Sun Microsystems in It was first developed by James Gosling at Sun Microsystems,
Web Pages with Features. Features on Web Pages Interactive Pages –Shows current date, get server’s IP, interactive quizzes Processing Forms –Serach a.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Grid Chemistry System Architecture Overview Akylbek Zhumabayev.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Active Web Technology Alan Dix
Protecting Browsers from DNS Rebinding Attacks Collin Jackson, Adam Barth, Andrew Bortz ACM CCS Systems Modeling & Simulation Lab. Kim.
JavaScript Syntax, how to use it in a HTML document
Web Architecture Introduction
J ava P rogramming: From Problem Analysis to Program Design, From Problem Analysis to Program Design, Second Edition Second Edition D.S. Malik D.S. Malik.
SiteAngel Understanding and Using SiteAngel
Web Pages with Features. Features on Web Pages Interactive Pages –Shows current date, get server’s IP, interactive quizzes Processing Forms –Serach a.
Ajax for Dynamic Web Development Gregory McChesney.
 There are device known as Server  Web Server / HTTP Server  Each computer has unique number known as IP Address  Domain Name.
Database Systems: Design, Implementation, and Management Eighth Edition Chapter 14 Database Connectivity and Web Technologies.
JavaScript Dynamic Active Web Pages Client Side Scripting.
Learning Aim C.  In this section we will look at some simple client-side scripts, browser compatibility, exporting and compressing and suitable file.
The Internet Salihu Ibrahim Dasuki (PhD) CSC102 INTRODUCTION TO COMPUTER SCIENCE.
Applications Active Web Documents Active Web Documents.
Web-based Software Development - An introduction
January Webinar: How to Integrate FileCatalyst Java Applets
Web Concepts Lesson 2 ITBS2203 E-Commerce for IT.
Servlet Fudamentals.
Nick Sims Scripting Languages.
Web Debugging Proxy Application
PHP / MySQL Introduction
04 | Web Applications Gerry O’Brien | Technical Content Development Manager Paul Pardi | Senior Content Publishing Manager.
Dynamic Web Pages Jin Wu INF 385E Information Architecture
Computer Based Adaptive Testing
Unit 6 part 3 Test Javascript Test.
Introduction to JavaScript
Mike Ter Louw, V.N. Venkatakrishnan University of Illinois at Chicago
Presentation transcript:

Slipping Past the Firewall DNS Rebinding with Pure Java Applets Billy K Rios (BK) and Nate McFeters

Overview Implications of DNS Rebinding Attacks The Attack Demo Final Thoughts Questions?

Implication of DNS Rebinding Attacks Some Thoughts about Firewalls –I prefer pwning the server :p –Client Side Technologies –Heavy Doors with Open Windows –Sun Tzu was a Hacker….

Implication of DNS Rebinding Attacks JavaScript –Sockets?!?! Flash –Sockets! LiveConnect (Firefox and other Gecko Based Browsers) –Sockets!

Why JAVA Applets? David Bryne –Java Applets? ….. Actually LiveConnect (Firefox only!)

Princeton Computer Science PHDs? Why JAVA Applets?

Sockets! Abstraction Libraries / Classes –JDBC –SSL –Others Remote Control over Java Applet

The Attack - Setup The Internet XSSd Web Site Victim Attacker Oracle DB

The Attack - Setup

Close The Browser –Closing the Browser Destroys the Instance of the JVM –Applet Remains cached till 2010 Call an External Java Supported Application –Firefoxurl, Navigatorurl, Picasa… –Each Application has its own instance of the JVM –Applet Remains cached till 2010 Load Different Versions of the JRE –Somewhat limited in newer versions of the JVM –Maybe removed in the future –Applet Remains cached till 2010

The Attack

Remotely Controlling the Applet Script Src –Remote JavaScript is loaded Via Script Src –Dynamic Content (Despite Caching) JavaScript / Java Applet Interaction –Public Methods –Public Variables Remote Control Through an XSS Proxy (XS-Sniper)

DEMO

Questions and Final Thoughts

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.