wiki
wiki copied to clipboard
Implement AVOracle Article
This leak reflects how deep XS-Leaks can go. It shows how attackers can influence an Anti Virus Software in dealing with a web server (and user data) with cross-site requests. One could trick the software (abusing the defender's js engine) to make the server return a certain status code based on user input (and data storage), allowing certain secret data to be leaked.
References:
- Slides: https://westerns.tokyo/wctf2019-gtf/wctf2019-gtf-slides.pdf
- Slides 2 (more stuff): https://speakerdeck.com/icchy/lets-make-windows-defender-angry-antivirus-can-be-an-oracle?slide=4
- Live presentation: https://www.youtube.com/watch?v=mt4QTIcu4hk