Browser Security Handbook

dblackshell — Wed, 24 Jun 2009 17:02:07 +0000

Recently after moving the blog to this self-hosted platform I decided to cleanup a bit my feed reader… you know, add some, delete some. And while searching for blogs to subscribe to I came across Michal Zalewski’s website searching for a feed. Unfortunately didn’t find a feed, but did find his newest project…

The Browser Security Handbook is a free online book covering information related to web browsers like: IE6, IE7, FF2, FF3, Opera, Chrome, Safari and Android. The book covers material from url schemas, http protocol, DOM, up to same-origin policy.

Being a comprehensive document about browsers it’s a book that I would recommend security testers, as well to website developers. I wouldn’t be amazed if it where a reference lecture upon browsers in the years to follow.

If you are here you might as well check other published material from Michal Zalewski: “I don’t think I really love you” (first Zalewski material I ever read), Absence of fd-based unlink(), “Delivering signals for Fun and Profit”, Rise of the Robots, Juggling with packets, IP Fragmentation and “Strike that out, SAM”.

Exploit Shield

dblackshell — Wed, 24 Jun 2009 16:35:20 +0000

An exploit (from the same word in the French language, meaning “achievement”, or “accomplishment”) is a piece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized). This frequently includes such things as violently gaining control of a computer system or allowing privilege escalation or a denial of service attack. (Wikipedia)

Eleven days ago Microsoft did a disclosure on the MS09-002. Seven days later we already had a proof of concept that was used in the wild, and today having even the Metasploit exploit.

Eleven days have passed, did you patch the vulnerability? Most of the users will not have it patched too soon, even if it comes with the automatic updates. Many just simply have automatic updates turned off. Even so, there are some patches which take a long time to be released, for example the MS08-078 patch did take a while to be released.

And here comes in Exploit Shield an application which will protect your from browser based exploits (either IE or Firefox), but don’t over trust it, as soon as a patch comes out you should fix the vulnerability.

Exploit Shield is designed to shield Web browsers between the development of an exploit and the release of the vendor’s patch.

Exploit Shield posses the following functionality: Zero Day Defense, Patch-Equivalent Protection, Proactive Measures, Protects Against All Websites and Automatic Feedback.

But does it work? Of course it does, check out the detection of a MS09-002 based exploit which was catched by the heuristics incorporated in the software.

It’s also a program that would be useful when researching/coding such exploits, although the automatic submission should be disabled in that case (*grin*).

If you haven’t got it yet, you can download it from here.

insanesecurity » IE

Browser Security Handbook

Exploit Shield