{"id":57,"date":"2007-11-02T18:19:01","date_gmt":"2007-11-02T13:19:01","guid":{"rendered":"http:\/\/codeinmybug.wordpress.com\/2007\/11\/02\/drive-by-download-where-network-security-meets-webappsec\/"},"modified":"2008-05-07T15:10:02","modified_gmt":"2008-05-07T09:40:02","slug":"drive-by-download-where-network-security-meets-webappsec","status":"publish","type":"post","link":"https:\/\/projectbee.org\/blog\/archive\/drive-by-download-where-network-security-meets-webappsec\/","title":{"rendered":"Drive-by Download: Where Network Security Meets WebAppSec"},"content":{"rendered":"<h3><a href=\"http:\/\/projectbee.org\/demos\/dbd.html\"><strong>DEMO<\/strong><\/a><\/h3>\n<p>This post has been due since the <a href=\"http:\/\/sunbeltblog.blogspot.com\/2007\/08\/breaking-bank-of-india-seriously.html\">Bank of India hack incident<\/a>, and was fueled by <a href=\"http:\/\/www.gnucitizen.org\/blog\/hacking-without-0days-drive-by-java\/\">PDP&#8217;s Drive-by Java post<\/a>, which is a very simple yet well-thought-out extension (sort of) to the Drive-by Download attack. This post aims to provide a clearer understanding of the Drive-by Download attack (via a demo).<\/p>\n<p>Citing <a href=\"http:\/\/en.wikipedia.org\/wiki\/Drive-by_download\">Wikipedia<\/a>, <strong>Any download that happens without knowledge of the user<\/strong> can be referred to as a Drive-by Download (DBD). Pretty obviously, an attacker downloads (or uploads, depending on the perspective) malware, viruses, etc., especially in the case of a zero-day. Now, I should also specify that by the sub-title &#8220;network security meets web application security&#8221;, I simply wish to point out that viruses, malware and worms are not really a concern of WebAppSec. 
<em>Please note that these exclude the JavaScript payloads<\/em>.<\/p>\n<p>Here is the video of the Bank of India hack, <strong>showing <\/strong>DBD in action.<br \/>\n<object classid=\"clsid:d27cdb6e-ae6d-11cf-96b8-444553540000\" width=\"425\" height=\"355\" codebase=\"http:\/\/download.macromedia.com\/pub\/shockwave\/cabs\/flash\/swflash.cab#version=6,0,40,0\"><param name=\"wmode\" value=\"transparent\" \/><param name=\"src\" value=\"http:\/\/www.youtube.com\/v\/aWV8d2rWf8E&amp;hl=en\" \/><\/object><\/p>\n<p>Here is <a href=\"http:\/\/projectbee.org\/demos\/dbd.html\">my demo of <strong>DBD in action<\/strong><\/a><strong>.<br \/>\n<\/strong>All files downloaded to your system are 0 (zero) KB and are completely harmless. You have my word. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"<p>DEMO This post has been due since the Bank of India hack incident, and was fueled by PDP&#8217;s Drive-by Java post, which is a very simple yet well-thought-out extension (sort of) to the Drive-by Download attack. This post aims to provide a clearer understanding of the Drive-by Download attack (via a demo). 
&hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/projectbee.org\/blog\/archive\/drive-by-download-where-network-security-meets-webappsec\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Drive-by Download: Where Network Security Meets WebAppSec&#8221;<\/span><\/a><\/p>\n","protected":false},"author":6,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[15,18,24,33,168,167],"tags":[20,27],"class_list":["post-57","post","type-post","status-publish","format-standard","hentry","category-demo","category-education","category-hack","category-loophole","category-security","category-webappsec","tag-fraud","tag-iframe"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pf2XR-V","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/projectbee.org\/blog\/wp-json\/wp\/v2\/posts\/57","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/projectbee.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/projectbee.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/projectbee.org\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/projectbee.org\/blog\/wp-json\/wp\/v2\/comments?post=57"}],"version-history":[{"count":0,"href":"https:\/\/projec
tbee.org\/blog\/wp-json\/wp\/v2\/posts\/57\/revisions"}],"wp:attachment":[{"href":"https:\/\/projectbee.org\/blog\/wp-json\/wp\/v2\/media?parent=57"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/projectbee.org\/blog\/wp-json\/wp\/v2\/categories?post=57"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/projectbee.org\/blog\/wp-json\/wp\/v2\/tags?post=57"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}