
Java Hole: Web Graffiti & Covert Channels



--------------------------------------------------------
Web Graffiti & High Bandwidth Covert Channels Using Java
--------------------------------------------------------

While developing a chat server using Java as a frontend, we've
been exploiting what we think is a new Java security hole in
Java-enabled browsers such as Netscape.  The hole allows for
opening sockets to arbitrary ports on web servers that serve
Trojan-horse applets.

We've also used a known security hole (covert channels) first mentioned
in work by the SIP group at Princeton to create what we call
'Web Graffiti' - the dynamic insertion of text, graphics, and applets into
HTML pages.

Both of these attacks are three-party attacks and require Trojan-
horse applets.  For a draft of a paper that is work in progress, 
point your browser to:

http://whenever.CS.Berkeley.EDU/graffiti/

Chad Yoshikawa		Brent Chun