Category Archives: IE

Hide Javascript inside JPEG file

In the recent Hack.LU 2014 conference Saumil Shah from net-square gave a talk on “Hacking with Pictures”. The basic idea behind this talk is hiding Javascipt inside a JPEG file. He extended this technique to JPEG. Those who are interested … Continue reading

Posted in browser, IE | Tagged , , , | 11 Comments

Software enumeration using Internet Explorer

We do regularly see software enumeration using Internet Explorer in web infections. It tries to find some specific files(at fixed locations) related to AV and other analysis tools and avoids further execution of the exploit. There are two different techniques … Continue reading

Posted in Exploit, Exploit Kit, IE | Tagged , , , | 2 Comments

Digging deep into Angler Fileless Exploit delivery

We look in detail about Angler Exploit pack’s fileless infection. Thanks to friends at malware-traffic-analysis.net who provided captures of two different instances of Angler exploit pack delivery. You can download the samples and captures from these links Link1, Link2. There … Continue reading

Posted in Exploit, Exploit Kit, IE, Malware, Windows | Tagged , , , , | 6 Comments

FiddlerCOM

FiddlerCore is written in .Net. Most of the time when we needed to capture the traces using fiddler we had to start it manually. Here is the simple .Net code that you can use to automate this capture. using System;using … Continue reading

Posted in Fuzzing, IE, Web | Tagged , , , , | Leave a comment

Differences between Accelerators/Search Provider/Toolbars and Extensions/Webslices/Tracking Protection List

  When you install these (except toolbar and extension), IE will create registry key under:    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities Download files are kept under this folder:    C:\Users\<username>\AppData\LocalLow\Microsoft\Internet Explorer\Services\        Both xml file and favicon is saved/cached under this. Folder is not visible in … Continue reading

Posted in IE | Tagged , , , , | Leave a comment

Geo-location permissions in IE9

IE9 has few HTML5 features. Today i got a chance to use GeoLocation feature in that.When i accessed this testdrive site http://ie.microsoft.com/testdrive/HTML5/Geolocation/Default.htmlit show a popup and asking for permission from the user. You can see that in this screenshot. IE9 … Continue reading

Posted in IE | Tagged , , , | Leave a comment

Browser Security Comparison reports

Recently we have seen many reports on browser security comparison. At least i have seen/read four such reports. 1) A Security Analysis of Next Generation Web Standards http://www.enisa.europa.eu/act/application-security/web-security/a-security-analysis-of-next-generation-web-standards 2) HTML5 the ugly http://blog.trendmicro.com/html5-the-ugly 3) Browser Security Comparison – A Quantitative … Continue reading

Posted in Chrome, Firefox, IE, Safari | Tagged , , , , | Leave a comment