Create an Account
username: password:
 
  MemeStreams Logo

Speaking at BlackHat 2008:
search
Home Agent Weblogs Social Network Post Help About

Acidus
Picture of Acidus
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Acidus's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Speaking at BlackHat 2008:
Topic: Current Events 9:13 am EDT, May 16, 2008

Circumventing Automated JavaScript Analysis Tools
Billy Hoffman

[snip]

Next we explore multiple new techniques to circumvent the current generation of automated analysis tools by detecting their presence from inside malicious JavaScript. (JSPill? hmmmm) These methods include HTTP/browser fingerprinting, DOM testing and encrypting, Doman and Network testing, Execution environment testing, and cross plugin communication testing. We will demonstrate malicious JavaScript detecting analysis tools using these methods and refusing to give up its secrets until its running in the web browser of choice. We’ll demonstrate encrypting JavaScript to only run in particular browsers or environments. We’ll also demonstrate a couple other tricks, such as encoding malicious JavaScript as nothing but white space, and function clobbering for fun and profit.

Time to kick CaffineMonkey in the ass. Sorry Ben, I owe you a beer.

And, as is often the case, this technology has no legitimate use.

Speaking at BlackHat 2008:

Thread [1]


  
 
Powered By Industrial Memetics		RSS2.0