Be the first to like this
Browser security is still one of the trickiest challenges to afford
nowadays. A lot of efforts has been spent on mitigating browser
exploitation from heap and stack overflows, pointers dereference and other
memory corruption bugs. On the other hand there is still an almost
X-Frame-Options, X-XSS-Protection, Content Security Policy, DOM sandboxing
are good starting points to mitigate the XSS plague, but they are still
not widely implemented.
We will see how a framework like BeEF can be used to abuse the security
context of a browser. As we are able to manipulate the DOM for fun and
profit in 95% of web applications, a trivial reflected or DOM-based XSS is
enough to hook a victim browser to BeEF and control it completely.
The presentation will cover the following main areas, between the many:
Cutting: stealth activities, target enumeration and analysis, comman
Devouring: internal network fingerprint via JS, exploiting internal
services through the browser, keylogging, browser pwnage, autopwn.
Digesting: persistence, tunneling sqlmap/Burp through BeEF proxy, XSS Rays