| |
Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript
by Acidus at 10:07 pm EDT, Jul 26, 2006 |
Or: How I learned how to port scan company intranets using JavaScript! Imagine visiting a blog on a social site like MySpace.com or checking your email on a portal like Yahoo’s Webmail. While you are reading the Web page JavaScript code is downloaded and executed by your Web browser. It scans your entire home network, detects and determines your Linksys router model number, and then sends commands to the router to turn on wireless networking and turn off all encryption. Now imagine that this happens to 1 million people across the United States in less than 24 hours. This scenario is no longer one of fiction.
You can visit the proof of concept page I created and test drive it now. |
| |
RE: Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript
by janelane at 10:53 pm EDT, Aug 4, 2006 |
Acidus wrote:
Or: How I learned how to port scan company intranets using JavaScript! Imagine visiting a blog on a social site like MySpace.com or checking your email on a portal like Yahoo’s Webmail. While you are reading the Web page JavaScript code is downloaded and executed by your Web browser. It scans your entire home network, detects and determines your Linksys router model number, and then sends commands to the router to turn on wireless networking and turn off all encryption. Now imagine that this happens to 1 million people across the United States in less than 24 hours. This scenario is no longer one of fiction.
You can visit the proof of concept page I created and test drive it now.
Billy made the front page of USA Today with his AJAX hijinks. -janelane |
|
Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript
by Rattle at 10:20 pm EDT, Jul 26, 2006 |
Or: How Acidus [*] learned how to port scan company intranets using JavaScript! Imagine visiting a blog on a social site like MySpace.com or checking your email on a portal like Yahoo’s Webmail. While you are reading the Web page JavaScript code is downloaded and executed by your Web browser. It scans your entire home network, detects and determines your Linksys router model number, and then sends commands to the router to turn on wireless networking and turn off all encryption. Now imagine that this happens to 1 million people across the United States in less than 24 hours. This scenario is no longer one of fiction.
You can visit the proof of concept page he created and test drive it now. Quite impressive. |
Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript
by Decius at 6:16 pm EDT, Jul 27, 2006 |
Or: How Acidus [*] learned how to port scan company intranets using JavaScript! Imagine visiting a blog on a social site like MySpace.com or checking your email on a portal like Yahoo’s Webmail. While you are reading the Web page JavaScript code is downloaded and executed by your Web browser. It scans your entire home network, detects and determines your Linksys router model number, and then sends commands to the router to turn on wireless networking and turn off all encryption. Now imagine that this happens to 1 million people across the United States in less than 24 hours. This scenario is no longer one of fiction.
You can visit the proof of concept page he created and test drive it now. This is really, really, really scar^H^H^H^H cool! |
There are redundant posts not displayed in this view from the following users: jlang, skullaria.
|
|
