Hackers of India

Content sniffing Algorithm bypassing techniques and possible attack vectors

 Anil Aphale   Chaitany Kamble 

2012/02/15

There are large number of web applications including many giant mail services which have features to send/upload files as attachmentAs part of our research that has been done so far, we have tested that a malicious file can cause Internet Explorer (version 6 to 9) to execute the javascript contained in it. This is possible because of the way content-sniffing algorithms have been implemented in various version of Internet Explorer.As such the bypassing techniques which affect version 5, 6 and 7 have been mitigated successfully in version 8 and 9 of IE. However the new algorithm has certain flaws because of which version 8 and 9 of IE are also prone to this vulnerability. This paper will try to give information alX)ut the ,AüContent-SniffngAlgorithms,Aü present in various latest browsers, their strengths and weaknesses. It will also talk about how various web applications and most versions of Internet Explorer become vulnerable to various attack vectors such as XSS,Active-x exploitation and more. The paper will also talk about possible counter measures against these kinds of vulnerabilities and attacks.