home.aspx
 
. Resources/Whitepapers/b46bdad3-3444-42e1-a164-75687e6ab18a_Attackingthe_wp.pdf
whitepaper
ATTACKING THE INTERNAL NETWORK FROM THE PUBLIC INTERNET USING A BROWSER AS A PROXY
At Forcepoint we continually seek to improve the protection our products provide. To this end, we often investigate unusual or potentially novel attack techniques. One such recent topic of research has been attacks against localhost and the internal network, launched from the public Internet. Though not a new attack, it is not widely known outside of the security research community that a malicious JavaScript can attack the internal network. Of the limited documentation that exists on this topic, most resources describe it in terms of inter-protocol exploitation [1] [2], whereas our focus is on intra-protocol exploitation. DOWNLOAD