web application security lab

VBScript Malware (XST and CSS History Hacking)

Awesome Andrew took a crack at writing some VBScript malware that does some of the stuff we have been building in JavaScript. Namely, he wrote Jeremiah’s XST and CSS History Hacking script in VBScript. One of the main reasons I think VBScript is nasty, beyond the fact that the majority of browsers on the Internet at the moment support it, is that even experienced web application experts often forget about VBScript as an attack vector.

The major disadvantage of VBScript is that it is not cross-browser, but if you look at the previous post about the Samy worm you can see that this really doesn’t change things much, as the Samy worm also wasn’t cross-browser. Just getting the bulk of users to execute a vulnerability is the real meat of the issue. This is one reason why I use Windows and Internet Explorer regularly. Knowing what the vast majority of users are going to be vulnerable to is critical to shutting down the holes. Nice job, Awesome Andrew!

One Response to “VBScript Malware (XST and CSS History Hacking)”

  1. hackathology Says:

    Ok. Nice one. But if I have a spyware or malware protection program running in the background, won’t it catch the malware? Unless it’s a 0 day.