Ethical Hacking steps against a Web Browswer

This topic contains 3 replies, has 3 voices, and was last updated by  kitchensync 9 years, 10 months ago.

  • Author
    Posts
  • #4502
     kitchensync 
    Participant

    I have a client who is using an opensource platform to create their own web browser. I am having a hard time figuring out the steps I need to take to hack this thing.

    1. Go to sites that perform some security testing on the browswer. I found one out of Belgim http://bcheck.scanit.be/bcheck/ . They perform some high level testing over the net which is cool, but I would like something even more intense. Any suggestions?
    2. In a sandbox environment, go to sites with known malware and see how hard it is to get some applets or activex bits installed. Anyone know if there is an up-to-date list of sites with known Malware?
    3. General standards based testing sites such as acid3? Any ideas?

    Thanks guys for any pointers.

    S

  • #28203
     Ketchup 
    Participant

    Well, if you have access to the source code, you could audit for the typical stuff, buffer overflows, format strings, etc.  If the browser handles plugins, like Acrobat and Shockwave, the same principles apply to testing those.  There is also cross-domain code handling, javascript, etc. 

  • #28204
     Kev 
    Participant

    As Ketchup mentioned, you really need to get your hands on the browser and preferably the source code, though having the source code isn’t always critical. Depending on the size of the program, we can sometimes produce some exploits just by fuzzing.  Going to an exploit site and just blindly blasting them at a program that was privately written is more than likely going to fail. In theory you could get lucky depending on how much code might have been “borrowed”, but the odds are very much against it. 

  • #28205
     kitchensync 
    Participant

    Thanks for the responses. We will have access to the source code for sure… and I totally agree it is a great place to start, which we will.

    I do think it is important to show the client how it reacts to some known browser vulnerabilities (webkit based). Any feedback on where a list like that exists? (been searching around and have found very little). Or if not the site, perhaps a location where some common js malware is found..

    Thanks again for your responses.

    Ks

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?