Tag

Safari

Browsing

by bo0om, Wallarm Research I’ve previously published an article about using Safari to compromise a computer file system. Unfortunately, there are more issues with Safari as we are now finding out. In this post, we will take a look at the possibility of a XSS exploit and a cookie compromise stemming from “unusual” Safari behavior. Normal browsers and their DNS requests. What does a browser do to open a web page? First, it sends a…

by bo0om, Wallarm Research Imaging a scary scenario: you open a simple html document, and after a little while, your proprietary files unbeknownst to you find their way to somebody else’s hard drive… Documents, source code, SSH keys, passwords…All the files you, the authorized user, have access to — gone. Impossible? Not quite. Some of the commonly used browsers may actually allow this scenario. Generally, an attack works something like this: User opens html document in a…