Rootkits for JavaScript Environments [pdf]

Rootkits for JavaScript Environments [pdf](static.usenix.org)

35 points by chorola 13 years ago | 2 comments

nadaviv 13 years ago |

If you manage to get the code to execute on a worker or an iframe, you should have a clean environment to operate in, with your own copy of the native environment and prototypes.

The question is... how do you create an iframe or worker safely? document.createElement and window.Worker can be poisoned too.

Perhaps its possible to verify the functions you're using are native and not created in user-land? that way, at least you could identify the attack and stop execution.

pfraze 13 years ago | |

If you knew what JS to expect from the host, you might cache a checksum and compare after load.