Monday, January 26, 2009

Top Web Hacking Techniques of 2008

Jeremiah has put out a request for the top web hacking techniques of 2008. This post summarizes my suggestion: ActiveX repurposing attacks. In these attacks, malicious web sites abuse the functionality of ActiveX objects already installed on Windows machines to download and execute code (among other things). No debugger necessary :-)

References:

1. An ActiveX Dropper described by Dean: Owning the Client without an Exploit

2. SensePost Juniper SSL VPN ActiveX repurposing by Haroon: ActiveX Repurposing.. (aka: Other bugs your static analyzer will never find..) (aka 0day^H^H 485day bug!)

3. SonicWALL SSL VPN ActiveX repurposing by yours truly: Network World article and SonicWALL announcement.

4. Hmm, I thought this was more recent, but it was actually from 2005 (read down in the wiki): Sony DRM Root Kit Scandal
