java_rhino exploit

Go down

java_rhino exploit Empty java_rhino exploit

Post by ssj100 on 24/12/2011, 05:15

Very interesting exploit of Java. Demonstrated with Metasploit:

With such exploits, I always like to see how it could potentially affect me on a "bad day". It turns out I would most likely be protected either way.

1. For my IE browser, Java is not allowed to start/run. In fact, effectively nothing else apart from iexplore.exe can start/run. So that pretty much blocks the exploit dead.
2. For my FF browser, Java is allowed to start/run, but I also run NoScript:
Noscript -- protected system Will block the java applet/exploit
However, what if I mistakenly white-listed the site/domain etc? Well, it turns out Sandboxie effectively contains the exploit anyway:
Sandboxie -- protected system After deleting contents in sandbox connection is broken
And even if somehow executable code could escape the sandbox and run, LUA + SRP would most likely block it.

Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)

Posts : 1389
Join date : 2010-04-14

Back to top Go down

Back to top

Permissions in this forum:
You cannot reply to topics in this forum