NIF: Reactive Injection Attack via Nmap Piggybacking

EasyChair Preprint 10077

10 pages. Date: May 12, 2023

Abstract

Network scanning is a common task in cybersecurity. For instance, penetration testers often scan a target system during the initial stage of their vulnerability detection process, e.g., to profile machines and services. On the other hand, attackers scan remote systems looking for exploitation opportunities. Network scans are generally considered harmless for the victim, as they consist of only a few requests that cause no service interruption or degradation. Nevertheless, as shown in [19], scanning is risky for its author. In this paper, we present a general attack framework that takes advantage of network scans to inject payloads into remote systems. In particular, our proposal leverages the widely adopted scanner Nmap [15] to transmit attack payloads through the scan responses. If the output of Nmap is processed by an injectable application, e.g., a web browser or a SQL DBMS, our payloads are executed and the scanning system is compromised.

Keyphrases: Network Scanning, Web Security, Injection Attack

BibTeX entry
BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:
@booklet{EasyChair:10077,
  author    = {Alessandro Bonfiglio and Gabriele Costa and Silvia De Francisci},
  title     = {NIF: Reactive Injection Attack via Nmap Piggybacking},
  howpublished = {EasyChair Preprint 10077},
  year      = {EasyChair, 2023}}