Los Angeles/2008 Meetings/November 19
Topic: A new web attack vector: Script Fragmentation
Speaker: Stephan Chenette
Stephan Chenette is a Senior Security Researcher who helps lead Websense Security
Labs working on malcode detection techniques. Mr. Chenette specializes
in research tools ranging from kernel-land sandboxes, to static
analysis scanners. He has released public analyses on various
vulnerabilities and malware. Prior to joining Websense, Stephan was a
security software engineer for 4 years working in research and product
development at eEye Digital Security.
Abstract: A new web attack vector: Script Fragmentation
This presentation will introduce a new web-based attack vector which
utilizes client-side scripting to fragment malicious web content.
This involves distributing web exploits in a asynchronous manner to
evade signature detection. Similar to TCP fragmentation attacks, which
are still an issue in current IDS/IPS products, This attack vector
involves sending any web exploit in fragments and uses the already
existing components within the web browser to reassemble and execute
Our presentation will discuss this attack vector used to evade both
gateway and client side detection. We will show several proof of
concepts containing common readily available web exploits.