We Have You by the Gadgets
- Type
- Paper
- Tags
- Windows
- Authors
- Toby Kohlenberg
- Event
- Black Hat USA 2012
- Indexed on
- May 30, 2014
- URL
- https://media.blackhat.com/bh-us-12/Briefings/Shkatov/BH_US_12_Shkatov_Kohlenberg_Blackhat_Have_You_By_The_Gadgets_WP.pdf
- File name
- BH_US_12_Shkatov_Kohlenberg_Blackhat_Have_You_By_The_Gadgets_WP.pdf
- File size
- 192.6 KB
- MD5
- 8a270ca4ca12dc8c15c31e267915a09d
- SHA1
- eaf72811099a64b20aef74b2f546d3b9e99641d0
Why send someone an executable when you can just send them a sidebar gadget? We will be talking about the windows gadget platform and what the nastiness that can be done with it, how are gadgets made, how are they distributed and more importantly their weaknesses. Gadgets are comprised of JS, CSS and HTML and are application that the Windows operating system has embedded by default. As a result there are a number of interesting attack vectors that are interesting to explore and take advantage of. We will be talking about our research into creating malicious gadgets, misappropriating legitimate gadgets and the sorts of flaws we have found in published gadgets.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
