
Acros Security Research

 

 

Research: 

File Planting

Links: 

Binary Planting Goes "Any File Type"
Google Chrome pkcs11.txt File Planting

Abstract: 

The "File Planting" research project emerged as a spin-off from the "Binary Planting" project when our researchers noticed that applications often load not only libraries and executables but also generic data or configuration files from the current working directory. These files, if maliciously planted by attackers, can instruct applications to do interesting things, for instance disable security mechanisms or execute remote code.

 

 

Research: 

Binary Planting

Site: 

Binary Planting - The Official Web Site

Abstract: 

The research focused on various types of vulnerabilities where an attacker with low privileges can place (i.e., "plant") a malicious executable file (i.e., "binary") in some possibly remote location and get it launched by a vulnerable application running on the user's computer. We found that binary planting vulnerabilities affect a large percentage of Windows applications and often allow for trivial exploitation. We identified ~520 remotely exploitable bugs in ~200 widely-used Windows applications.

 

 

Research: 

Session Fixation

Paper: 

Session Fixation Vulnerability in Web-based Applications

Abstract: 

Many web-based applications employ some kind of session management to create a user-friendly environment. Sessions are stored on the server and associated with their respective users by session identifiers (IDs). Naturally, session IDs present an attractive target for attackers, who, by obtaining them, effectively hijack users' identities. Knowing that, web servers employ techniques for protecting session IDs from three classes of attacks: interception, prediction and brute-force attacks. This paper reveals a fourth class of attacks against session IDs: session fixation attacks. In a session fixation attack, the attacker fixes the user's session ID before the user even logs into the target server, thereby eliminating the need to obtain the user's session ID afterwards. There are many ways for the attacker to perform a session fixation attack, depending on the session ID transport mechanism (URL arguments, hidden form fields, cookies) and the vulnerabilities available in the target system or its immediate environment. The paper provides detailed information about exploiting vulnerable systems as well as recommendations for protecting them against session fixation attacks.