Title
SQL/JavaScript Hybrid Worms As Two-stage Quines
Authors
José Orlicki
In
Workshop de Seguridad Informática (WSegI). Mar del Plata, Miércoles 26 de agosto de 2009.
Date published
2009-08-26
Keywords
botnets, malware, injection attacks,

Abstract

Delving into present trends and anticipating future malware trends, a hybrid, SQL on the server-side, JavaScript on the client-side, self-replicating worm based on two-stage quines was designed and implemented on an ad-hoc scenario instantiating a very common software pattern. The proof of concept code combines techniques seen in the wild, in the form of SQL injections leading to cross-site scripting JavaScript inclusion, and seen in the laboratory, in the form of SQL quines propagated via RFIDs, resulting in a hybrid code injection. General features of hybrid worms are also discussed.

Attachments

wsegi2009-orlicki.pdf - SQL/JavaScript Hybrid Worms As Two-stage Quines