Distributed computing in browsers as client side attack

  • 1,943 views
Uploaded on

 

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
No Downloads

Views

Total Views
1,943
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
16
Comments
3
Likes
3

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Distributed computingas a client-side attackDEFCON Russia, DCG-781221/02/2013 Saint-Petersburg, Yandex
  • 2. Browsers security basics● Same Origin Policy● Content Security Policy● SSL/PKI features ...● And what about PC resources ?
  • 3. Resources which availableto site through browser● CPU/GPU utilization● RAM● Local storages● Network connections
  • 4. Resources which availableto site through browser● CPU/GPU utilization● RAM● Local storages● Network connections <- nothing new
  • 5. Distributed computing inbrowsers not so new theme● Browser-based distributed evolutionary computation: performance and scaling behavior [2007] ○ http://dl.acm.org/citation.cfm?id=1274083● Unwitting distributed genetic programming via asynchronous JavaScript and XML [2007] ○ http://dl.acm.org/citation.cfm?id=1277282
  • 6. But its may be used as aclient-side attack● XSS● CSRF● SWF malware via ad-networks● Cache-poisoning● CDN hacks
  • 7. CPU/GPU usagerestrictions● Max execution time per page● Freeze timeouts● Problems for user (cursor freeze, etc)
  • 8. CPU/GPU usagerestrictions bypasses● Web workers● Low content transferring● Distracting users attention (i.e. video)
  • 9. ● Classic COOKIES● Web Storage (HTML5, localStorage, sessionStorage objects)● FileAPI (HTML5)● Flash Local Shared Objects (LSO, flash cookies)
  • 10. Local storages restrictions
  • 11. Local storages restrictions● Flash Local Shared Objects (LSO, flash cookies): 50Kb per domain● Freeze timeout● Problems for user (cursor freeze, etc)
  • 12. Where i can store myrainbows?● 100000 subdomains ○ 10000 * 50Kb = 5Gb per each clients browser (5-10 minutes to fill it)● 500 unique visitors on your blog ○ 500 * 5Gb = 2.5Tb data for you ;)
  • 13. How fast JavaScript?● MD5 (http://jsperf.com/md5-shootout)● MacBook Air mid 2011 http://support.apple. com/kb/SP631
  • 14. JavaScript vs HD6990● AMD Radeon HD6990 + oclHashcat-lite: ○ 11*10^9 ops/sec● MacBook Air mid 2011 + jkm JS + Chrome 24.0.1312 ○ 2,4*10^5 ops/sec (less than 5*10^4 times) = x 50000
  • 15. How fast Flash?http://www.blooddy.by/ru/crypto/benchmark/● SHA-256 ○ mx.utils.SHA256 ○ as3corelib ○ blooddy● MD5 ○ as3corelib ○ blooddy
  • 16. How fast Flash?http://www.blooddy.by/ru/crypto/benchmark/● SHA-256 ○ mx.utils.SHA256 ○ as3corelib ○ blooddy [x8 faster]● MD5 ○ as3corelib ○ blooddy [x10 faster]
  • 17. How fast Flash?
  • 18. How fast Flash?Make it faster using optimization! Or not :)))● None - 1,7*10^5 ops/sec● Level 1 - 1,7*10^5● Level 2 - 1,7*10^5
  • 19. ???@ONsec_Lab [http://lab.ONsec.ru]@d0znppd0znpp@onsec.ru