×
  • Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
 

Exploiting Firefox Extensions

by Pentester/Reseacher on Mar 25, 2010

  • 2,894 views

Hundreds of Firefox addons are created every week. Millions of users download them. Some addons are even recommended by the Mozilla community, and users implicitly trust them. We don't trust a single ...

Hundreds of Firefox addons are created every week. Millions of users download them. Some addons are even recommended by the Mozilla community, and users implicitly trust them. We don't trust a single one, and we will show you why.

This talk details how we have abused some of the most popular and recommended Firefox addons, with previously unreleased vulnerabilities. From the Mozilla download statistics, over 15 million users are potentially affected. Demos will cover remote code execution, local file disclosure and other tailored Firefox Addon exploits.

Don't panic - the Addons manager can be found under the 'Tools' tab in your Firefox menu. We expect to see a lot of people clicking the "Uninstall" button after this presentation.

Statistics

Views

Total Views
2,894
Views on SlideShare
2,893
Embed Views
1

Actions

Likes
3
Downloads
112
Comments
0

1 Embed 1

https://twitter.com 1

Accessibility

Categories

Upload Details

Uploaded via SlideShare as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
Post Comment
Edit your comment

Exploiting Firefox Extensions Exploiting Firefox Extensions Presentation Transcript