viernes, 21 de agosto de 2009

Workshop de Seguridad Informática 2009 en las 38 JAIIO

Voy a ir a este workshop de Seguridad Informática, es el primero que se hace en Argentina creo. ¿Alguién más va? Aca esta el artículo que presento.

SQL/JavaScript Hybrid Worms As Two-stage Quines
Delving into present trends and anticipating future malware trends, a hybrid, SQL on the server-side, JavaScript on the client-side, self-replicating worm based on two-stage quines was designed and implemented on an ad-hoc scenario instantiating a very common software pattern. The proof of concept code combines techniques seen in the wild, in the form of SQL injections leading to cross-site scripting JavaScript inclusion, and seen in the laboratory, in the form of SQL quines propagated via RFIDs, resulting in a hybrid code injection. General features of hybrid worms are also discussed.