Informative Information for the Uninformed | ||||||||||||||
|
||||||||||||||
Next: Methods of Prevention
Up: Potential Uses and Enhancements
Previous: Penetration Testing
  Contents
Worm Propagation
There are uses for the PassiveX payload on the malicious side of the
house as well. Due to the payload's ability to support automation
through scripting and its inherent ability to allow for the
construction of tunnels over arbitrary protocols, it seems obvious
that such a tool could be useful in the realm of worm propagation.
Take for instance a worm that spreads through server-side daemon
vulnerabilities and also by embedding client-side browser
vulnerabilities into the web sites of web servers that become
compromised. The payload for the client-side browser
vulnerabilities would be the PassiveX payload which would then
download an inject an ActiveX control from a de-centralized location
that would be responsible for the continued propagation of the worm
through the same vectors. The payload's transmission over trusted
protocols would make it just that much harder to stop assuming some
level of effort were put forth to make the communication
indistinguishable from normal browser traffic.
|