Forum Thread: Infecting Victim by Visiting Website?

Hi guys!

I wondered, if it's possible to infect victim that is visiting our website? Without downloading and running any files, is there any way to install exploit when loading website?

8 Responses

If such thing really existed it would have been quite fearsome!
Thanksfully no (so far I know). All techniques I heard about always involve downloading some exe more or less hidden.

So in short: No.

Umm, exploits do not require an exe. If the visitor of a site has a vulnerable program and you have an exploit for it, you can host it on your own website server or if you can get it on another website through hacking the website or ad network, any visitors with the vulnerability should be compromised. That's how drive by downloading malware and exploit kits work.

Exploit always require something to run them '-' It's may be not a exe if you're using an interpreted language but it's not the point.

In the end you need to send your exploit+reverse-bind on the victim (so you need the user to download it). Modern browsers always ask the user to confirm a download and moreover they're sandboxed to prevent the monkey between behind the screen to compromise its machine just by running a web script (the damage will be limited to the browser).

You can still convince your victim to run your code (Social Engineering is the n°1 weapon of hackers) it's not really hard. But once again it'll require the user to actively download something.

Dude, I'm not saying you can't exploit. What I say is that you're sandboxed in the browser.

Modern browser such as Firefox and Edge require user interaction for downloading. Most drive-by download happen with the user's consent (through some form of phishing ) and the rest when the user run an deprecated browser.

Now I'm curious how you exploit a web application (let's say a SSH client) hosted on the victim behind his NAT without downloading any file.

You still are not understanding how a exploit kits work. You can't say user interaction is needed, when there's plenty of proof that you are wrong. It doesn't matter if you think a Sandboxed browser stops it. Stop being ignorant and go do some research. Zero interaction is needed to get an infection. I have personally seen it happen and I read articles every day about it continuing to be a problem. A lot of ransomware comes though exploit kits. It doesn't matter if you think I'm wrong as Google has my back. All you need to do is research
Here, I'll do some research for you.

I understand how exploit kits work (at least the basics). However it's totally different: Exploit kits attack the browser (and associated plug-in) not the host itself (No you can't exploit ANY software that have a web access with exploit kit ONLY those relate to the attacked browser). If the exploit kit manage to break the browser sandbox it's your browser that is at fault. A up-to-date browser is immune to this (maybe you have some 0-days under your feet??)

You just can't access to your potential victim SSH server/client, postgres, tomcat or other services, just like that without breaking the browser in first place (in that case you would already have the control on the box, no need to exploit further vulnerabilities).

Instead of invoking Google as your joker and responding aggressively (almost unrespectfully) to any comment that doesn't go your way. You should learn how works browser sandboxing, the NAT and networking in general

Hope I helped,

That's where are misunderstandings happened. I did not mean, Any software, my mistake. You were saying it wasn't possible at all, which as I proved, is wrong.

Share Your Thoughts

  • Hot
  • Active