Abusing Websockets in Browsers for DoS
Authors
Abstract
This paper considers exploiting browsers for attacking Web servers. We demonstrate the generation of HTTP traffic to third-party domains without the user’s knowledge, which can be used, e.g., for Denial of Service attacks. Our attack is primarily possible because Cross-Origin Resource Sharing does not restrict WebSocket communications. We show an HTTP-based DoS attack with a proof-of-concept implementation, analyse its impact against Apache and Nginx, and compare the effectiveness of our attack to two common attack tools. In the course of our work we identified two new vulnerabilities in Chrome and Safari, i.e. two thirds of all browsers in use, that turn these browsers into attack tools comparable to known DoS applications like LOIC.
Similar resources
HTML5 WebSocket protocol and its application to distributed computing
HTML5 WebSocket protocol brings real time communication in web browsers to a new level. Daily, new products are designed to stay permanently connected to the web. WebSocket is the technology enabling this revolution. WebSockets are supported by all current browsers, but it is still a new technology in constant evolution. WebSockets are slowly replacing older client-server communication technolo...
Poster: Security Analysis of HSTS Implementation in Browsers
Currently, HTTP Strict Transport Security, used to harden HTTPS, has gained increasing adoption in browsers and servers. We conduct an in-depth empirical security study of HSTS implementation in browsers, then successfully discover several new flaws in storage implementation and interaction with certificates. These flaws enable cookie theft, DoS, and bypassing problems. Moreover, we point out ...
Torinj: Automated Exploitation Malware Targeting Tor Users
We propose in this paper a new propagation vector for malicious software by abusing the Tor network. Tor is particularly relevant, since operating a Tor exit node is easy and involves low costs compared to attacking institutional or ISP networks. After presenting the Tor network from an attacker perspective, we describe an automated exploitation malware which is operated on a Tor exit node targeti...
An Empirical study of HTML5 Websockets and their Cross Browser behavior for Mixed Content and Untrusted Certificates
Websockets allow a full duplex connection to be made over a single socket between the client and the server. Today, Websockets is a finished standard and has greatly helped modern web applications to achieve real time communication without any overhead of sending HTTP headers with every request. This research provides an overview of the Websocket protocol and API, and focuses on the state of We...
WebSOS: protecting web servers from DDoS attacks
We present the WebSOS architecture, a mechanism for countering denial of service (DoS) attacks against web servers. WebSOS uses a combination of overlay networking, content-based routing, and aggressive packet filtering to guarantee access to a service that is targeted by a DoS attack. Our approach requires no modifications to servers or browsers, and makes use of the web proxy feature and TLS c...