Re: [WEB SECURITY] JavaScript Malware, port scanning, and beyond

[Jeremiah Grossman <jeremiah@xxxxxxxxxxxxxxx>]

On Jul 31, 2006, at 4:27 PM, Amit Klein (AKsecurity) wrote:

> On 31 Jul 2006 at 12:25, Jeremiah Grossman wrote:
>
> > Brute Forcing Basic HTTP Auth:
> > HTTP Basic Auth has proven to be a worthy adversary when it come to
> > JavaScript Malware. If a target web server has a default u/p basic
> > auth, like so many DSL routers, and the victim is running Firefox/
> > Mozilla, your gold. Firefox/Mozilla support the url notation (http://
> > user:pass@host/), while Internet Explorer (IE) does not. So forcing
> > an authenticated Basic Auth request with IE is not possible (as best
> > we can tell).
>
> How about using Flash? you can then force the Authorization request  
> header (I guess - I
> didn't try it), a-la my "Forging HTTP request headers with Flash":
>
> http://www.webappsec.org/lists/websecurity/archive/2006-07/ 
> msg00069.html
> (+ errata at http://www.webappsec.org/lists/websecurity/archive/ 
> 2006-07/msg00084.html)

Hey, maybe! Thats why I posted the limitations, they just might cause  
someone become interested. I don't have the test environment set up  
to try it myself. Let us know what you find.


Jer-


----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]