[WEB SECURITY] JavaScript Malware, port scanning, and beyond

Jeremiah Grossman jeremiah at whitehatsec.com
Mon Jul 31 18:30:32 EDT 2006


On Jul 31, 2006, at 4:27 PM, Amit Klein (AKsecurity) wrote:

> On 31 Jul 2006 at 12:25, Jeremiah Grossman wrote:
>
>>
>> Brute Forcing Basic HTTP Auth:
>> HTTP Basic Auth has proven to be a worthy adversary when it come to
>> JavaScript Malware. If a target web server has a default u/p basic
>> auth, like so many DSL routers, and the victim is running Firefox/
>> Mozilla, your gold. Firefox/Mozilla support the url notation (http://
>> user:pass at host/), while Internet Explorer (IE) does not. So forcing
>> an authenticated Basic Auth request with IE is not possible (as best
>> we can tell).
>
> How about using Flash? you can then force the Authorization request  
> header (I guess - I
> didn't try it), a-la my "Forging HTTP request headers with Flash":
>
> http://www.webappsec.org/lists/websecurity/archive/2006-07/ 
> msg00069.html
> (+ errata at http://www.webappsec.org/lists/websecurity/archive/ 
> 2006-07/msg00084.html)

Hey, maybe! Thats why I posted the limitations, they just might cause  
someone become interested. I don't have the test environment set up  
to try it myself. Let us know what you find.


Jer-


----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]



More information about the websecurity mailing list