This Proof-of-Concept describes how any website you visit, their hosting provider and any CDN they trust, can bypass your firewall and proxy and tunnel into your private network. It's a polite and...
This Proof-of-Concept describes how any website you visit, their hosting provider and any CDN they trust, can bypass your firewall and proxy and tunnel into your private network.
To understand the severity of the issue you should consider what happens when you have several tab open and are authenticated on a local service: the whole browser session is authenticated not just a single tab (indeed if you open a new tab into the same authenticated service you don't need a new login).
Interesting. Who do freeze? The browser or the VPN? If the browser, would you mind to give a look at your browser's network logs during it's execution? I've tried it into several (professionally...
Interesting. Who do freeze? The browser or the VPN?
If the browser, would you mind to give a look at your browser's network logs during it's execution?
I've tried it into several (professionally configured) networks and it worked like a charm (obviously after adapting the ip range).
Presumably the onerror callback is never invoked after the first time. The network analyzer shows an open connection for 192.168.1.1 with no headers or data.
Presumably the onerror callback is never invoked after the first time.
The network analyzer shows an open connection for 192.168.1.1 with no headers or data.
This Proof-of-Concept describes how any website you visit, their hosting provider and any CDN they trust, can bypass your firewall and proxy and tunnel into your private network.
It's a polite and expanded version of a similar PoC exploit that leaks the ports open on your machine with a simulated DNS rebinding attack.
To understand the severity of the issue you should consider what happens when you have several tab open and are authenticated on a local service: the whole browser session is authenticated not just a single tab (indeed if you open a new tab into the same authenticated service you don't need a new login).
Thankfully this PoC is thwarted by the VPN software I use.
It says 192.168.1.0 is UP but freezes completely after that.
Interesting. Who do freeze? The browser or the VPN?
If the browser, would you mind to give a look at your browser's network logs during it's execution?
I've tried it into several (professionally configured) networks and it worked like a charm (obviously after adapting the ip range).
Presumably the
onerror
callback is never invoked after the first time.The network analyzer shows an open connection for
192.168.1.1
with no headers or data.