{"id":114,"date":"2006-09-25T12:47:57","date_gmt":"2006-09-25T20:47:57","guid":{"rendered":"http:\/\/netmesh.info\/jernst\/uncategorized\/really-scary-web-hacking-demo"},"modified":"2006-09-25T12:47:57","modified_gmt":"2006-09-25T20:47:57","slug":"really-scary-web-hacking-demo","status":"publish","type":"post","link":"https:\/\/upon2020.com\/blog\/2006\/09\/really-scary-web-hacking-demo\/","title":{"rendered":"Really Scary Web Hacking Demo"},"content":{"rendered":"<p>If you are a techie, I highly recommend you look at the presentation <a href=\"http:\/\/www.blackhat.com\/html\/bh-usa-06\/bh-usa-06-speakers.html#Grossman\" target=\"_blank\"><i>&quot;JavaScript malware just got a lot more dangerous&quot;<\/i><\/a> by Jeremiah Grossman and T.C. Niedzialkowski from <a href=\"http:\/\/www.whitehatsec.com\/\" target=\"_blank\">WhiteHat Security, Inc<\/a>. An MP4 recording of the demo is <a href=\"http:\/\/whitehatsec.com\/downloads\/whiteHat_hacking_intranets.mp4\" target=\"_blank\">here<\/a>.<\/p>\n<p>Wow, is this scary! They are demonstrating how to completely hijack a user&#8217;s browser session without the user noticing, and how to run things like keystroke loggers right in the browser, re-configure the user&#8217;s firewall, attack other servers on the user&#8217;s intranet, print on the user&#8217;s printer, and sweet stuff like that. Without using any browser exploits! And without leaving any trace because the JavaScript and other content just goes away after the browser is closed.<\/p>\n<p>Missing 10,000 dollars in your bank account, but your bank&#8217;s website says it&#8217;s still in your account? That&#8217;s the kind of thing &#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you are a techie, I highly recommend you look at the presentation &quot;JavaScript malware just got a lot more dangerous&quot; by Jeremiah Grossman and T.C. Niedzialkowski from WhiteHat Security, Inc. An MP4 recording of the demo is here. Wow, is this scary! 
They are demonstrating how to completely hijack a user&#8217;s browser session without&hellip;<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"webmentions_disabled":false,"footnotes":""},"categories":[59],"tags":[],"class_list":["post-114","post","type-post","status-publish","format-standard","hentry","category-comments","kind-"],"kind":false,"_links":{"self":[{"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/posts\/114","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/comments?post=114"}],"version-history":[{"count":0,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/posts\/114\/revisions"}],"wp:attachment":[{"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/media?parent=114"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/categories?post=114"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/tags?post=114"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}