I've read that html5 enables opening tcp sockets from the client side in its "websocket" feature.
Firewalls as I recollect may be configured to block tcp connections initiated from "the outside" by looking for SYN packets, but utilizing this html5 feature enables a simplistic bypass to this policy.
Am I missing something here? Who will monitor those implicit open socket calls? It appears that this behavior is a "reverse tcp shell" served for free...
Aucun commentaire:
Enregistrer un commentaire