웹성코드정든품바
www.CodeEngn.com2014 CodeEngn Conference 11
누구나 쉽고 편리하게 그리고 재미있게
• 생각과 관심만 가지면 누구나 쉽게
• HTML 볼 줄 안다면 누구나 편리하게
• C언어 할 줄 안다면 누구나 재미있게
Operating System
Web Browser
NetworkRequest
Response
Thinking. . .Proxy ?
Operating System
Web Browser
NetworkRequest
Response
DebugActiveProcess
WaitForDebugEvent
ContinueDebugEvent
EXCEPTION_BREAKPOINT
EXCEPTION_DEBUG_EVENT
CREATE_PROCESS_DEBUG_EVENT
API Function
Return
Hook Routine
Return
WaitForDebugEvent
ContinueDebugEvent
EXCEPTION_BREAKPOINT
EXCEPTION_DEBUG_EVENT
CREATE_PROCESS_DEBUG_EVENT Install Hook Code (INT3)
Hook Routine
DebugActiveProcess
<html>. . .
<form ~<input type=“text ~ <input type=“password”~
. . .
Web Browser
<script>. . .
</script>
<html>. . .
</html>
Web Browser
<html>. . . <script ~ src=“~.js“>
. . .
Web Browser
Page Read
Script Read
Operating System
<html>. . .
<script ~ src=“jdpb.js”>. . .
Web Browserjdpb.js
function CodeEngn(){
alert(‘jdpb WORLD!’);}
jdpb.js
function CodeEngn(){
alert(‘ATTACKED…’);}
Hook
<html>. . .
<map ~<area onmousedown= ~. . .
. . .
KEYPAD HASH VALUE ++
1 2 3
4 5 6
7 8 9
0
1 2 3
4 0 6
9 5 8
7
<area onmousedown= ~. . .
Thank You
www.CodeEngn.com2014 CodeEngn Conference 11