There is an interesting link on Dark Reading talking about Jeremiah Grossman’s upcoming talk at Black Hat. It looks like he is spilling a little bit of the beans so that people understand what the talk is about and why it is important to attend. So yes, this is something that I’ve been thinking about for a long time: how can you use cross-site scripting to attack networked devices, instead of just attacking a standalone user? Well, after he and I discussed it, he went off and built a working prototype off of the original idea.
The original idea was simply to brute force a password on a firewall or routing device that used a web-based administration interface. The problem is that a huge percentage of those use HTTP Basic authentication, rather than a web form. Modern browsers all pop up a dialogue, and to my knowledge there is no way to suppress that (if anyone knows of a way I’d be very interested to hear it). Jeremiah took that idea and ran with it, attacking all sorts of other network appliances. I’ll abstain from going into more details until after his talk is over because I think it’s better to see it than have me explain it. But I would recommend you be there if you are at all interested in intranet security.