Sunday, June 5, 2011

FFFjacking - File From Frame hiJacking

Same web browsers allow to show directory index or content of text-based file in frame, when it is loaded via FILE protokol. It enables hijacking of informations from user's local disk by drag&drop methods. I call this technique "FFFjacking (File From Frame hiJacking)". Combination of Windows XP and Internet Explorer(6,7,8) allows files downloading or uploading between user's local disk and shared folder on attacker's SMB server.

Description of new hacking technique, which allows data hijacking from victim's local disks or upload and run files to victim's computer (depending on used OS and web browser).

What everything attacker can?

Attacker can reach the following (depending on used OS and web browser):
read directory index of user’s computer disks
(a lot of web browsers)
read content of text-based files stored in user’s computer
(a lot of web browsers)
get some file from local disk of user’s computer
(Windows XP + IE)
upload some files to some folder of user’s computer
(Windows XP + IE)
enable to start the uploaded files in user’s computer
(Windows XP + IE)

Potential of FFFjacking attack is very high and dangerous.

POC and more info:
http://www.soom.cz

No comments: