JavaScript Spider (code that can traverse the web)

To: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, webappsec@xxxxxxxxxxxxxxxxx, websecurity@xxxxxxxxxxxxx, pen-test@xxxxxxxxxxxxxxxxx
Subject: JavaScript Spider (code that can traverse the web)
From: "pdp (architect)" <pdp.gnucitizen@xxxxxxxxxxxxxx>
Date: Fri, 6 Oct 2006 17:43:23 +0800
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=googlemail.com; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=nm18lKOb/k+997fz4FK6tVXzdTgZusE9tiA0Adk4CZPupAtpFVMrMJIO+zLGXwwkJDscW4eUxtPrjDznhHdTPSFILjJ2X9TOdUbww4dObKH4rrFMT5OK+mnQFUo6m+WcZF0hpzVbw7Gif8mSO8+dOWZp3ehhHBNV+BRjn5C6JW8=
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

http://www.gnucitizen.org/projects/javascript-spider/

During the last couple of days I have been testing several attack
vectors to circumvent the browser security sandbox also known as the
same origin policy. There is a lot involved into this subject and I
will present my notes very soon.

The JavaScript Spider is the first implementation of a proof of
concept tool which shows that Javascript can be in fact quite
dangerous. This implementation depends on proxydrop.com but other
proxies are possible as well: Google Translate is one of them. Keep in
mind that the tool spiders only the first level.

The tool is located here:
http://www.gnucitizen.org/projects/javascript-spider/launch.htm

As you can see publicly available anonymizing proxies can be used to
fetch remote pages. This technique will work quite successfully on
Internet resources but not on Intranet. The reason for this is quite
obvious.

Suggestions and comments are greatly appreciated.

--
pdp (architect)
http://www.gnucitizen.org

Prev by Date: Re: zero-day flaws in Firefox: about 30 unpatched Firefox flaws
Next by Date: RE: Informing Companies about security vulnerabilities...
Previous by thread: PHP Live! <= 3.1 help.php Remote File Inclusion vulnerability
Next by thread: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit
Index(es):
- Date
- Thread