Monday, April 11, 2011

Mozilla Firefox Internals & Attack Strategies

This paper aims to detail some of the techniques and methods that exist to subvert a fully patched and functioning browser Firefox. This aims to provide insight to developers and end users on some methodologies which could be used by malicious users. We will understand some of the basic important components that make up the Mozilla platform and various attacks that can be targeted against it.
Firefox is a trusted browsing platform used by millions across the globe. It is a platform that is used by experts and novices. One of the biggest advantages and reason for massive success of Mozilla is an extensible plug-in model which allows the developers add additional features to the Mozilla Firefox environment than what was perceived by the original writers. Our topic of discussion is focused around these extension modules and how a malicious developer can use some of these powerful features to subvert a Firefox and the underlying systems. The Code of extension runs with the same privilege that the browser enjoys.


No comments: