Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Tham khảo tài liệu 'ethical hacking and countermeasures - phần 53', công nghệ thông tin, an ninh - bảo mật phục vụ nhu cầu học tập, nghiên cứu và làm việc hiệu quả | TH CEH Certified Ethical Hacker Ethical Hacking and Countermeasures Version 6 Module LIII Hacking Web Browsers IM c E H News Certified Ethical Hacker Infotech Online Printedfrorninfotech.indiatirnes.com Internet Firefox leaks info useful to hackers INDIATIMES NEWS NETWORK THURSDAY JANUARY 24. 2ŨŨ8 02 41 22 PM Surf N Earn - Sign in now Mozilla s chief of security has confirmed a bug in Firefox that could expose a user s private data. The flaw gives attackers unauthorised access to data on a victim s machine. The confirmation has been posted on Mozilla s blog by researcher Gerry Eisenhaur. According to the blog the bug resides in Firefox s chrome protocol scheme and allows directory traversal when certain types of extensions are installed. Eisenhaur has posted sample code that reads the contents of a Mozilla Thunderbird preferences file however he believes that attackers could get access to some more information with variations on his attack. It s possible to load any JavaScript file on a victim s machine he wrote in the blog. This looks very interesting and may have bigger potential but for now it s just another information disclosure. He says A visited attacking page is able to load images scripts or stylesheets from known locations on the disk. Attackers may use this method to detect the presence of files which may give hacker information about which applications are installed. This information may be used to profile the system for a different kind of attack. Some extensions may store information in Javascript files and an attacker may be able to retrieve those he added. However according to Eisenhaur Users are only at risk if they have one of the flat packaged add-on installed. Examples of popular add-ons that are vulnerable include Download Statusbar and Greasemonkey. Source http infotech.indiatimes.com Copyright by Ec-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited IM c EH Module Objective Certified Ethical Hacker This module will .
