SecurityTubeBeta Watch ... Learn ... Contribute |
 |
 |
 |
 |
 |
  |
|
Xdoor (Ajax based Backdoor)
The term Web 2.0 is a popular buzzword, most technicials can't hear anymore. Primarily because most project managers and users do not know what it is. The core component is Ajax (Asynchronous JavaScript and XML). For some the the discussion rose if there is a possibility of creating an Ajax-based backdoor to compromise and hijack networking computers. Since 2008 we are working on an implementation with the project name Xdoor (XmlHTTP Backdoor). Those we use in our backdoor testing projects. The possibilities of Xdoor are:
* Interaction with the client (e.g. chats)
* Generation of new popups and dynamic html sites
* Access to and upload of files * Launching new applications (ActiveX)
* Influences on mouse and keyboard (ActiveX)
For more details visit http://www.scip.ch/?labs.20090617 (german).
Tags: Xdoor Ajax Backdoor Javascript Exploit Browser Attack scip AG JS JScript Internet Explorer Mozilla Firefox Webbrowser Exploiting Demo Video Howto ActiveX Java Trojan Horse Trojanisches Pferd Trojaner RAT
Thanks go out to Marc Ruef (marc.ruef [] computec [] ch) for submitting this video to us.
* Interaction with the client (e.g. chats)
* Generation of new popups and dynamic html sites
* Access to and upload of files * Launching new applications (ActiveX)
* Influences on mouse and keyboard (ActiveX)
For more details visit http://www.scip.ch/?labs.20090617 (german).
Tags: Xdoor Ajax Backdoor Javascript Exploit Browser Attack scip AG JS JScript Internet Explorer Mozilla Firefox Webbrowser Exploiting Demo Video Howto ActiveX Java Trojan Horse Trojanisches Pferd Trojaner RAT
Thanks go out to Marc Ruef (marc.ruef [] computec [] ch) for submitting this video to us.
We hate these ADs as much as you do! Help us stay FREE and CLEAN by making a Generous Donation!
Related Videos from: Backdoors and Covert Channels
.jpg) | |||||
You are Viewing this Video Now! | |||||
1005 views |
Author
Vivek Ramachandran is a security evangelist and has been working in computer security related fields for the past 7 years. In 2007, Vivek spoke at world renowned conferences Defcon (WEP Cloaking Exposed) and Toorcon (The Caffe Latte Attack). The discovery of the Caffe Latte Attack was covered by CBS5 news, BBC online, Network World etc news agencies.In 2006, Vivek was announced as one of winners of the Microsoft Security Shootout contest held in India among 65,000 participants. He has also been a recipient of a Team Achievement at Cisco Systems for his work on 802.1x and Port Security modules on the Catalyst 6500 switches. Currently he spends all of his time maintaining Security- Freak.Net , SecurityTube.Net and is the co-founder of Axonize. Vivek, is a Bachelor in Electronics and Communications Engineering from the prestigious Indian Institute of Technology, Guwahati.You can contact him at vivek[at]securitytube.net
©2007 Freak Labs |