Chapter 18: ActiveX Repurposing Attacks

Overview

In the manufacturing process, there is a clever invention known as interchangeable parts, meaning a particular assembly or part could be swapped for another. If you have ever constructed a jigsaw puzzle, you are very familiar with noninterchangeable puzzle pieces. The concept of interchangeability lets you buy replacement parts, such as a bolt or a spare tire, with confidence that the new one will be compatible and fit, provided the design is compatible and the new part is manufactured to certain standards.

In the same way, modular programming allows a programmer to write a particular computer routine so that it can be used multiple times, creating gains in efficiency and adding value to what often become rather large shared program libraries. In modular programming, the format of the input and output data used by the shared routine is what allows interoperability between the shared code and the program using it. A number of programming languages and technologies, such as remote procedure calls (RPCs), Java, Component Object Model (COM), and the Microsoft .NET Framework, build even further on this program-sharing notion, allowing other programmers to reuse or call into program routines. Sometimes, attackers can call into these interfaces as well and use the shared libraries in ways not envisioned by the programmer. Repurposing attacks happen when shared code is functioning as designed but the attacker has manipulated the data to maliciously repurpose the code to serve his or her interests.

This chapter focuses on COM repurposing attacks and ActiveX control security. Note that managed code luring attacks are covered in Chapter 15, Managed Code Issues, and SQL stored procedure repurposing issues are covered in Chapter 16, SQL Injection. Before discussing the specifics of repurposing attacks, this chapter briefly reviews ActiveX terminology and the basics of scripting ActiveX controls. If you are not familiar with dynamic HTML (DHTML) and scripting, a good Web site to keep handy is http://msdn.microsoft.com/workshop/author/dhtml/reference/dhtml_reference_entry.asp. In addition to covering repurposing attacks, the chapter discusses the Microsoft Internet Explorer 6.0 security model and details several tools, attack strategies, and techniques you can use when testing. The chapter finishes with a testing walkthrough that shows you how to apply the concepts to test a sample buggy ActiveX control.

More Info

The Internet Explorer 7.0 team is working on improving ActiveX security. For more information about the future of ActiveX security in Internet Explorer, see http://msdn.microsoft.com/library/en-us/IETechCol/cols/dnexpie/activex_security.asp.



Hunting Security Bugs
ISBN: 073562187X
EAN: 2147483647
Year: 2004
Pages: 156
