Rich Cannings, Himanshu Dwivedi, Zane Lackey, and Alex Stamos

"Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions"


Regardless of which way the scan is conducted, the first step in a JavaScript portscan is determining which hosts are up on the internal network. While this was traditionally performed by pinging hosts with Internet Control Message Protocol (ICMP), in the browser it is accomplished by using HTML elements. By using an HTML tag pointing at sequential IP addresses on the network and the JavaScript onload and onerror event handlers, malicious JavaScript inside the browser can determine which hosts on the internal network are reachable and which are not. Once the available hosts are enumerated, actual portscanning of the hosts can begin. Scanning for internal web servers (TCP port 80) is the simplest exercise, as it can be completed by using the HTML