« Metasploit 3.0 released | Main | HDIV (HTTP Data Integrity Validator) 1.1 released »

Whitepaper: Inter-Protocol Exploitation

"In October 2006, this author presented a paper exploring the threat of Inter-Protocol Communication. That is, the possibility of two different applications using two different protocols to meaningfully exchange commands and data. This paper extends that and other research to explore Inter-Protocol Exploitation. These findings demonstrate the practicality of encapsulating exploit code in one protocol to compromise a program which uses a different protocol."


"Research within the area of web browser security, particularly Browser Exploitation Frameworks, Cross-site scripting Viruses and Inter-Protocol Communication has become a catalyst for further exploration into Inter-Protocol Exploitation. That is, an attack vector which encapsulates malicious data within a particular protocol in such a way that the resultant data stream is capable of exploiting a different application which uses a different protocol entirely.

For successful exploitation across protocols, at least one precondition needs to be met: a method to encapsulate the exploit within the carrier protocol. Depending on the complexity of the handshake, error tolerance and protocol encapsulation may also be required. These two conditions are discussed in the paper �Inter-Protocol Communication�, which is the suggested preliminary reading for this paper.

This paper will focus almost exclusively on using HTTP as the carrier protocol for Inter- Protocol Exploitation. This is due to the ready availability of web browsers on internal networks and the power of JavaScript. The JavaScript language allows the construction of arbitrary HTTP/S requests to arbitrary hosts and arbitrary ports."

Whitepaper Link:  http://www.ngssoftware.com/research/papers/InterProtocolExploitation.pdf


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!

Post a comment

Remember personal info?