author luxagraf <sng@luxagraf.net> 2019-05-04 15:48:55 -0500
committer luxagraf <sng@luxagraf.net> 2019-05-04 15:48:55 -0500
commit 79fafe2f44f5e31522dd93013950474342bfdfb0
tree bc9ccf5b4eadeebf3a2f86b21f9b382edfa41735 /old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/googledesk.txt
parent 62167091560c908db0613bcb35ff9ae8292f5961
archived all the stuff from freelancing for wired
Diffstat (limited to 'old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/googledesk.txt')
-rw-r--r-- old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/googledesk.txt | 29
1 files changed, 29 insertions, 0 deletions
diff --git a/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/googledesk.txt b/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/googledesk.txt
new file mode 100644
index 0000000..2c14c6c
--- /dev/null
+++ b/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/googledesk.txt
@@ -0,0 +1,29 @@
+Just days after vulnerabilities were discovered in Google's toolbar for Firefox, hacker Robert Hansen has discovered that a similar exploit could be launched against Google's popular Google Desktop tool.
+
+Hansen has posted a [proof of concept attack][1] that shows how malicious crackers could use Google Desktop to launch software on a victim's computer (video after the jump). As zero day exploits go this one is pretty complicated and so far as anyone knows hasn't been used in the wild.
+
+However, given the growing popularity of apps that bridge the online/offline gap, it's likely that such attacks will become more common.
+
+In the case of Google Desktop Hansen outlines the steps involved:
+
+>* User goes to Google and performs a search.
+* Man in the middle detects the action and proceeds to inject their own content.
+* The attacker injects a piece of JavaScript that creates an iframe to the target URL as well as makes the iframe follow the mouse (typically this would be invisible to the user, but for demonstration purposes I made it visible).
+* He then frames another search query to correctly position the content inside the follow mouse script.
+* As the evil search query loads, he injects a meta refresh to reload the same page forcing Google Desktop to load. In the example video below I am launching hyperterm, but you could make it any program already installed on the victim machine that is indexed by Google Desktop.
+* User inadvertently clicks on evil Google Desktop query which actually runs the associated program.
+
+Obviously there are easier ways to attack a PC and it doesn't appear that an attacker can install any unauthorized software, but the attack does show the sorts of exploits that become possible with the merging of web-based and desktop software.
+
+So far Google has not commented on the issue.
+
+Earlier this week Christopher Soghoian (of [boarding pass exploit fame][3]) showed vulnerability in Firefox add-ons that allow for a similar "man-in-the-middle" type of attack which *could* be used to install malicious software.
+
+A video of Hansen demonstrating the attack is embedded below.
+
+
+<embed style="width:400px; height:326px;" id="VideoPlayback" type="application/x-shockwave-flash" src="http://video.google.com/googleplayer.swf?docId=2726113702646327649&hl=en" flashvars=""> </embed>
+
+[2]: http://blog.wired.com/27bstroke6/2007/05/google_yahoo_fa.html "Google, Yahoo, Facebook Extensions Put Millions of Firefox Users At Risk -- Updated"
+[3]: http://www.wired.com/science/discoveries/news/2006/10/72023 "Boarding Pass Hacker Under Fire"
+[1]: http://ha.ckers.org/google-desktop-0day/ "Google Desktop 0day" \ No newline at end of file
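Review bot: the link reference `[2]` (the 27bstroke6 post on Firefox extensions) is defined at the bottom of the file but never used in the body, so the two places that mention that earlier research, the opening sentence about Google's toolbar for Firefox and the paragraph on Christopher Soghoian's add-on finding, carry no link. Attach `[2]` to one of them, for example "showed [vulnerability in Firefox add-ons][2]", or drop the definition. In the quoted list of steps only the first bullet carries the `>` marker, so whether the remaining bullets render inside the blockquote depends on the Markdown processor; prefixing each bullet with `>` makes the quotation boundary unambiguous, which matters here because the bullets contain Hansen's first-person statements. The `<embed>` loads `googleplayer.swf` over plain `http://`, the same injectable transport the quoted man-in-the-middle steps depend on; a plain link to the video would preserve the reference without pulling active content into the page. The file also ends without a trailing newline.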