Papers

Inter-Protocol Communication

Author: Wade Alcorn
Date: 27/08/06
This paper explores the Inter-Protocol Communication attack vector, that is, the potential for two different protocols to meaningfully communicate commands and data. This has been investigated by encapsulating the target protocol within a carrier protocol. The findings demonstrate that under certain conditions distinct protocols are interoperable.

Inter-Protocol Exploitation

Author: Wade Alcorn
Date: 05/03/07
This paper extends the Inter-Protocol Communication and other research to explore Inter-Protocol Exploitation. The findings demonstrate the practicality of encapsulating exploit code in one protocol to compromise a program which uses a different protocol.

Manipulating FTP Clients Using The PASV Command

Author: Mark
Date: 04/03/07

A common implementation flaw in FTP clients allows FTP servers to cause clients to connect to other hosts. This seemingly small vulnerability has some interesting consequences for web browser security.

This paper discusses the FTP client flaw in detail and demonstrates how it can be used to attack common web browsers such as Konqueror, Opera and Firefox. Proof of concept code is presented that extends existing JavaScript port-scanning techniques to scan any TCP port from Firefox (even though it now implements "port banning" restrictions). Because of the way the same-origin policy is applied, it is also possible to perform banner-grabbing scans against arbitrary hosts. Finally, for services that don't return a banner, an alternative fingerprinting technique is demonstrated which measures the time it takes servers to close inactive TCP connections.

The Advanced Cross-site Scripting Virus

Author: Wade Alcorn
Date: 27/12/06
In October 2005, the author presented a paper exploring the then-new threat of cross-site scripting (XSS) viruses. These viruses were a new platform-independent species that propagate using a symbiotic relationship between the web client and the server. Since then, techniques in this area have increased in sophistication and impact. This paper will explore the real potential of the web being infected with a cross-site scripting virus that autonomously searches for, and employs, new vulnerabilities for propagation.

The Cross-site Scripting Virus

Author: Wade Alcorn
Date: 27/09/05
This paper explores the new threat of cross-site scripting (XSS) viruses. These viruses are a new species that is platform independent and not affected by common firewall configurations. XSS viruses could have a significant impact on Internet continuity, including distributed denial of service (DDoS) attacks, spam and dissemination of browser exploits. This is particularly relevant with the increasing sophistication of web browsers and the growing popularity of web-based applications such as wikis and blogs.

Real World XSS Viruses: