Client Attacks: JS Injection

Summary

Excerpt From Wi-fi vulnerabilities part 2 webinar
Check Out This Short Video on Client Attacks: JS Injection.
Compromising devices by injecting JavaScript code into online data is a strategy used by attackers to add JavaScript to a legitimate website, which, when accessed, executes the injected code on the user’s client. While demonstrating an example alert message, the speaker emphasizes the larger scope of fraudulent behaviors, such as prompting users to browse other websites, download packages, or even access hardware resources such as webcams.

Video Transcript

This is one of my favorites. I shouldn't probably say that. It sounds nefarious, but I like it from the perspective that it's a very cool kind of stealthy thing to do to compromise a device. What I do is I inject some JavaScript code into web data that I'm providing to you from some web server, and this can be legitimate.

I don't have to do any poisoning in this case. I can simply take a legitimate website, and I can add some JavaScript to that website that is going to run code on your client. And and if I can get you to point to some website that I can modify like that, then I can get you to execute anything that JavaScript could execute.

In this case, it's just an example of a of an alert where it says, hey. You've been hacked. Again, not a smart thing to do for a hacker unless you're gonna, like, do ransomware on them or or something. But there's lots of things that you can do from this perspective.

Once you've run the JavaScript, you can prompt them to go to a different website or download a package and install it. You can access their web cam and bunch of other resources. So there's lots of things that that we can do once we're in that position of trust.