HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 31 guests online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Otherarrow Exploiting Web Browser Vulnerabilities
EH-Net
May 23, 2013, 04:33:00 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Exploiting Web Browser Vulnerabilities  (Read 4058 times)
0 Members and 1 Guest are viewing this topic.
lorddicranius
Sr. Member
****
Offline Offline

Posts: 447



View Profile WWW
« on: January 10, 2012, 10:49:16 PM »
I was hoping somebody could verify/clarify something for me...

Whenever I think of web browser vulnerabilities, I always think of having that vulnerability exploited via a specially crafted website.  I was just thinking though: would a vulnerable web browser be just another vulnerable application that could be exploited locally/remotely like, say, a vulnerable FTP server application?
Logged
GSEC, eCPPT, Sec+
ajohnson
Recruiters
Hero Member
*
Offline Offline

Posts: 1057


aka dynamik


View Profile WWW
« Reply #1 on: January 10, 2012, 11:50:50 PM »
Sure, it's just another application. For example, if there's a vulnerability associated with the way a web browser processes JPGs, it's possible that it would be just as vulnerable opening a JPG from the local disk as it would be loading one that's embedded in an HTML page (obviously, depending on how that specific vulnerability could be exploited).
Logged
WIP: GCFA | www.infosiege.net | @infosiege

The day you stop learning is the day you start becoming obsolete.
lorddicranius
Sr. Member
****
Offline Offline

Posts: 447



View Profile WWW
« Reply #2 on: January 11, 2012, 01:05:26 AM »
Just as I suspected.  Thanks dynamik! Smiley
Logged
GSEC, eCPPT, Sec+
MaXe
Hero Member
*****
Offline Offline

Posts: 669


I've just upgraded myself to a cyborg muahahaa!!1


View Profile WWW
« Reply #3 on: January 11, 2012, 04:42:36 PM »
There's quite a few browser exploits in Metasploit, along with one module that tries a lot of different exploits.

Set up a VM with e.g. IE5 or IE6 on an unpatched system, serve a client-side browser exploit with Metasploit, browse to the page with your vulnerable VM.  Smiley

Browser-exploits, targets the browser of course, but also Java, Flash, Image-interpreters, and sometimes custom extensions too. (And more.)

But as dynamik said, it is in essence just another application  Grin
Logged
I'm an InterN0T'er
lorddicranius
Sr. Member
****
Offline Offline

Posts: 447



View Profile WWW
« Reply #4 on: January 11, 2012, 05:04:11 PM »
Good idea MaXe, I'll do that tonight when I get home.  I think I have an unpatched WinXP VM already, but will have to double check.
Logged
GSEC, eCPPT, Sec+
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.058 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Free Business and Tech Magazines and eBooks

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.