Jeremiah Grossman sent me a link to his blog where he went into more detail about the FireFox extention revealer. He built upon mine quite a bit and got a much better version of it working. His has gone beyond the basic proof of concept and is much more useful and quicker from what I can tell. Here’s a link to his post.

It still feels like there are a lot of vulnerable plugins to research. IEView was not the only one, I promise you that. I’d be curious to hear if anyone is actually doing research on the extentions themselves, now that we can detect them.

This entry was posted on Tuesday, August 29th, 2006 at 8:52 am and is filed under Webappsec, Random Security. You can leave a response as well.