Java Hole: Web Graffiti & Covert Channels

Chad Owen Yoshikawa chad at CS.Berkeley.EDU
Thu May 9 03:52:17 PDT 1996


--------------------------------------------------------
Web Graffiti & High Bandwidth Covert Channels Using Java
--------------------------------------------------------

While developing a chat server using Java as a frontend, we've
been exploiting what we think is a new Java security hole in
Java-enabled browsers such as Netscape.  The hole allows for
opening sockets to arbitrary ports on web servers that serve
Trojan-horse applets.

We've also used a known security hole (covert channels) first mentioned
in work by the SIP group at Princeton to create what we call
'Web Graffiti' - the dynamic insertion of text, graphics, and applets into
HTML pages.

Both of these attacks are three-party attacks and require Trojan-
horse applets.  For a draft of a paper that is work in progress, 
point your browser to:

http://whenever.CS.Berkeley.EDU/graffiti/

Chad Yoshikawa		Brent Chun
chad at cs.berkeley.edu	bnc at cs.berkeley.edu






