Cyber Security Expo
 
The Analogy of Pop Ups by Aditya Sood on 25/09/07

Art of Third Party Pop up Attacks : Section 1

This section deals with the latest third party popup attacks that are performed by an attacker from the rogue and vulnerable links of the web sites to circumvent the normal functioning on the web. The target website always seems to be the liable web provider from where the popup attacks are possible. This is the output of my penetration sessions on the web. I have not found any well crafted information regarding these attacks. I will sum up by designing a working algorithm in this aspect and proof of concept how these attacks are done by POPUP manipulators.

Downloading JINX Through Pop up : Section 2

This section is based on a very generic problem that occurs while downloading from a website when a popup is initiated from the downloading link. This is a very basic problem now a days because the downloading link is hidden. When the browser is subjugated with the required URL, no downloading occurs or the server displays the HTML web page links but not the downloading link. This is not a core technical layout but can be used as trick for web penetration. I will be very specific in this regard. I find users having lots of problems regarding this so I thought it requires a talk. So there it is.

This document is in PDF format. To view it click here.

Rate this article

All images, content & text (unless other ownership applies) are © copyrighted 2000 -  , Infosecwriters.com. All rights reserved. Comments are property of the respective posters.