Description: This video and this attack are part of the Blackhat 2010 talk Bad Memories. In this demo you will learn Cache Injection Attacks.
Situation : -
43% of the Alexa top 100,000 use external javascript libraries.
Injecting a Malicious JavaScript library into the browser cache allows the attacker to compromise a website protected by SSl
The malicious library stays in the cache until the user clears it. Movies to a safe location doesn’t help.
Video Objective : -
The Following demos show how caching injection Attack works against Internet Explorer 8 and Firefox 3.6
These demos were done in real time against real sites with their real certificates.
Source : - ebursztein
Tags: HTTPS , SSL , cache , injection , blackhat , security , javascript ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.