g1smd
Staff
Joined: Jul 28, 2002
# Posts: 10418
|
Posted: 2005-Jun-19 09:07
I am going to keep this really simple, and so it isn't a full explanation. The programmer writing your browser software allocated a section of memory for a piece of data, used by the program. That section of memory is a finite size, and the programmer should check to see what data is written to that area of memory. They should especially check to see how big it is. The person writing the exploit sends your browser some data but it is waaay too large to fit the memory space reserved for it. Consequently the data escapes out of the reserved section of memory and overwrites whatever is in the next section of memory in your computer. If that memory contained a part of the runnable program, then whatever that extra data sent by the exploit was is now sat in your computer and will be run instead of the bit of the program that was there. The extra data is usually just a hook to call in more of the exploit code; but once it opens the door, then it has taken over your browser and maybe even the whole computer.
[ Message was edited by: g1smd 06/19/2005 01:28 am ]
|
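The overflow described in the post above, as an added illustration that is not part of the original thread: one flat array stands in for memory, with a 16-byte reserved space followed by the "next section". All names and sizes are made up for this sketch, and the copies stay inside the toy array so the program itself is well-defined.

```c
#include <stdio.h>
#include <string.h>

#define RESERVED 16  /* space the programmer set aside for the data */
#define NEXT     16  /* the "next section of memory" right beside it */

/* Toy memory: bytes 0..15 are the reserved space, 16..31 the neighbour. */
struct toy_memory { unsigned char bytes[RESERVED + NEXT]; };

static void toy_init(struct toy_memory *m) {
    memset(m->bytes, 0, RESERVED);
    memcpy(m->bytes + RESERVED, "PROGRAM-CODE-OK", NEXT); /* 15 chars + NUL */
}

/* No size check against RESERVED: extra bytes spill into the neighbour.
   len is capped at the toy array only to keep this demo well-defined. */
static size_t copy_unchecked(struct toy_memory *m, const void *data, size_t len) {
    if (len > sizeof m->bytes) len = sizeof m->bytes;
    memcpy(m->bytes, data, len);
    return len;
}

/* The check the post says the programmer should make: refuse oversized data. */
static int copy_checked(struct toy_memory *m, const void *data, size_t len) {
    if (len > RESERVED) return -1;
    memcpy(m->bytes, data, len);
    return 0;
}

/* 1 if the neighbouring section still holds its original contents. */
static int neighbour_intact(const struct toy_memory *m) {
    return memcmp(m->bytes + RESERVED, "PROGRAM-CODE-OK", NEXT) == 0;
}

int main(void) {
    unsigned char input[24];           /* constructed input, 8 bytes too big */
    struct toy_memory m;
    memset(input, 'A', sizeof input);

    toy_init(&m);
    copy_unchecked(&m, input, sizeof input);
    printf("unchecked: neighbour intact = %d\n", neighbour_intact(&m));

    toy_init(&m);
    int rc = copy_checked(&m, input, sizeof input);
    printf("checked: rc = %d, neighbour intact = %d\n", rc, neighbour_intact(&m));
    return 0;
}
```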
 |
Curt
Joined: Eons Ago
# Posts: 3735
|
Posted: 2005-Jun-19 16:54
Then theoretically it sounds like if someone made a simple html web page large enough, they could insert malicious code embedded right in the html page itself. That could make simple browsing dangerous couldn't it? Do we quit surfing because html or an image might be dangerous too?
|
 |
lizardz
Joined: Nov 12, 2004
# Posts: 1394
|
Posted: 2005-Jun-19 21:48
No, that's not right. Unless the browser makers had actually made that mistake. HTML itself is a pretty robust component of browsers, one of the more popular methods being exploited recently is cross site scripting vulnerabilities, usually involving iframes running as safe sites within the browser, when they shouldn't be, since it's a separate site, can't remember the exact details, but that too was a js scripting vulnerability, js was allowed too much system access in that one circumstance, bug in browser.
Keep in mind that the exploits, especially the MSIE exploits, are not trivial, they have been used to take over systems, and continue to be used to take over systems.
This is why increasingly email clients, for example, are being released with defaults of js turned off, that's because for example outlook express uses the MSIE engine to display html emails.
The image exploits have been relatively few, there was a jpeg one for MSIE, but I don't think it was that severe, and recently a png and gif one if I remember right, but active x and js remain the primary tools used to achieve the desired results. MSIE of course is the overwhelming favorite target, primarily because its active x 'feature' gives unacceptably deep access to the underlying os. Which is what makes most of the security alerts for non msie browsers somewhat deceptive, the amount of damage malware authors can do to client systems running msie tends to be much more severe than any other methods, that's how botnets are born and created, it's like stealing candy from babies.
One reason some of these details escape me is that I haven't used MSIE as anything but a test browser for almost 5 years, so I only keep up with this for clients, and the more I switch them away from ms products, the less attention I pay to the new exploits that come out.
|
 |
uk_writer
Joined: Jun 15, 2005
# Posts: 28
|
Posted: 2005-Jun-23 14:52
Well while this is all fascinating, haven't we all forgotten what the first question was about? At the end of the day there is one very simple solution that has been around since dinosaurs walked the earth - rather than IFRAMEs the page could be a good old fashioned FRAMESET. Sorted - click the thumbnail and load a new page containing the full size image into the relevant frame.
As far as the JavaScript debate goes. I have used JS effectively for a good number of years, and provided the code complies to conventions I have never found any problems with it. There have, however, over the years been a good few security alerts about any scripting language, and these should all be taken seriously as there are some very clever programmers out there who will find loopholes through almost anything.
As with anything on the internet, caution has to be the key buzzword for everything. Having said that, the sites I put together would not and could not function correctly without JavaScript, but my essential key to using JS is that it is only used where it adds functionality to the site - it is never used simply because it can be.
|
 |
Curt
Joined: Eons Ago
# Posts: 3735
|
Posted: 2005-Jun-24 07:46
uk_writer, well put.
We should encourage people to NOT use MSIE, but to use Mozilla, and other much safer browsers (browsers that do NOT support ActiveX) rather than to turn off javascript. All in all true JS is generally safe for web surfers.
Also, visiting unscrupulous web sites (porn, warez, and other illegal sites) is where the danger is more present. Those sites are notorious for such crap.
Perhaps if we instead focus on encouraging people to switch to safer browsers without activex support, Microsoft might do something to fix their notoriously risky browser. The vast majority (probably 99.5%) of the problems are still found in leaving that Microsoft activex setting turned on, not these JS buffer-overrun exploits which are seldom used. JS is generally not a major concern by itself.
lizardz said:
...one of the more popular methods being exploited recently is cross site scripting vulnerabilities, usually involving iframes running as safe sites within the browser ... js was allowed too much system access in that one circumstance, bug in browser
Change this setting in MSIE:
Launching programs and files in an IFRAME
...to either disable or prompt ("prompt" so that you can allow a site to use the feature when you are sure about the site using safe IFRAME practices)
I'm guessing here... bet the iframes issue involved having activex turned on. "System access" sounds like activex was running.
|
 |