Code-Injection Attacks in Browsers Supporting Policies
Abstract
Code-injection attacks can take place in a large variety of layers, from native code to databases and web applications. The latter case involves mainly client-side code injection in the browser environment, also known as Cross-Site Scripting (XSS). There are numerous ways to defeat XSS attacks, from static and taint analysis to policy enforcement in the web browser. In this paper, we enlist new forms of XSS attacks that seek to bypass browser enforced policies. The attacks outlined in this paper resemble the classic return-to-libc attack in native code. We propose a new form of code isolation, based on browser actions, in order to mitigate the problem.
Similar resources
Side channel parameter characteristics of code injection attacks
Embedded systems are suggestive targets for code injection attacks in the recent years. Software protection mechanisms, and in general computers, are not usually applicable in embedded systems since they have limited resources like memory and process power. In this paper we investigate side channel characteristics of embedded systems and their applicability in code injection attack detection. T...
Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity Protection
Return-oriented programming (ROP) offers a robust attack technique that has, not surprisingly, been extensively used to exploit bugs in modern software programs (e.g., web browsers and PDF readers). ROP attacks require no code injection, and have already been shown to be powerful enough to bypass fine-grained memory randomization (ASLR) defenses. To counter this ingenious attack strategy, sever...
Securing Script-Based Extensibility in Web Browsers
Web browsers are increasingly designed to be extensible to keep up with the Web’s rapid pace of change. This extensibility is typically implemented using script-based extensions. Script extensions have access to sensitive browser APIs and content from untrusted web pages. Unfortunately, this powerful combination creates the threat of privilege escalation attacks that grant web page scripts the ...
⊕JS: Lightweight Cross-Site Scripting Prevention Using Isolation Operators
Cross-site scripting (XSS) attacks constitute one of the major threats for today’s web sites. Recently reported numbers on XSS vulnerabilities, coupled with the increasing complexity of modern web browsers, clearly highlight the need for effective mitigation mechanisms. However, despite the significance of these attacks, a definitive approach against any type of XSS vulnerability still remains e...
Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks
Drive-by download attacks are among the most common methods for spreading malware today. These attacks typically exploit memory corruption vulnerabilities in web browsers and browser plug-ins to execute shellcode, and in consequence, gain control of a victim’s computer. Compromised machines are then used to carry out various malicious activities, such as joining botnets, sending spam emails, or...
Publication date: 2009