SecDocs Feed for author Jorge Luis Alvarez Medina http://secdocs.lonerunners.net Latest security documents RSS feed for author Jorge Luis Alvarez Medina en-us [Slides] Internet Explorer turns your personal computer into a public file server <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/722-jorge-luis-alvarez-medina">Jorge Luis Alvarez Medina</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/45-windows">Windows</a> <a href="http://secdocs.lonerunners.net/tags/details/83-exploiting">exploiting</a> <a href="http://secdocs.lonerunners.net/tags/details/92-internet-explorer">Internet Explorer</a> <a href="http://secdocs.lonerunners.net/tags/details/152-browser">browser</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/37-black-hat-dc-2010">Black Hat DC 2010</a> <br/><b>Abstract</b>: In this presentation we will show how an attacker can read every file of your file system if you are using Internet Explorer. This attack leverages different design features of Internet Explorer entailing security risks that, while low if considered isolated, lead to interesting attack vectors when combined altogether. We will also disclose and demonstrate proof of concept code developed for the scenarios proposed. Sat, 13 Feb 2010 06:11:01 +0100 http://secdocs.lonerunners.net/documents/details/2037-internet-explorer-turns-your-personal-computer-into-a-public-file-server http://secdocs.lonerunners.net/documents/details/2037-internet-explorer-turns-your-personal-computer-into-a-public-file-server [Paper] Internet Explorer turns your personal computer into a public file server <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/722-jorge-luis-alvarez-medina">Jorge Luis Alvarez Medina</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/45-windows">Windows</a> <a href="http://secdocs.lonerunners.net/tags/details/83-exploiting">exploiting</a> <a href="http://secdocs.lonerunners.net/tags/details/92-internet-explorer">Internet Explorer</a> <a href="http://secdocs.lonerunners.net/tags/details/152-browser">browser</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/37-black-hat-dc-2010">Black Hat DC 2010</a> <br/><b>Abstract</b>: In this presentation we will show how an attacker can read every file of your file system if you are using Internet Explorer. This attack leverages different design features of Internet Explorer entailing security risks that, while low if considered isolated, lead to interesting attack vectors when combined altogether. We will also disclose and demonstrate proof of concept code developed for the scenarios proposed. Sat, 13 Feb 2010 06:10:59 +0100 http://secdocs.lonerunners.net/documents/details/2036-internet-explorer-turns-your-personal-computer-into-a-public-file-server http://secdocs.lonerunners.net/documents/details/2036-internet-explorer-turns-your-personal-computer-into-a-public-file-server