Chapter 19. Additional Repurposing Attacks

In the ActiveX example in Chapter 18, an attacker calls into the ActiveX control by coercing the target to load an HTML document that contains data specified by the attacker. The attacker uses the Active X control for a purpose other than the control’s developer intended. This same concept applies to other technologies. The repurposing attacks apply to many technologies some are discussed in this chapter. In this chapter, we discuss how document formats and Web applications can be repurposed to perform malicious actions. You’ll also learn ...

Get Hunting Security Bugs now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.