Local IP Address bug in some JVMs

by martin 21. October 2008 23:47

This guy from Spi Dynamics (now HP) told me how you can get the local IP address in some browser / JVM combinations a few months back.

window.java.net.InetAddress.getLocalHost();

Click here to see if you are at risk.

Inside an applet, you seem to always be able to get the internal ip address using code like : 

String strLocalIPAddress = (new Socket(strWebHost, intPort)).getLocalAddress().getHostAddress();
I haven't been able to get this work via javascript. Go to see Lars Kindermann's MyAddress applet to check if you are at risk: http://www.reglos.de/myaddress/MyAddress.html

I also ran across a cool DNS Pinning applet/service that did port scanning. http://www.jumperz.net/index.php?i=2&a=1&b=9

Now add in CIFS / SMB into your dns pinned applet and ? ?  

Be the first to rate this post

  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Tags: , , ,

Java | JavaScript

E-mail
Permalink | Comments (0) | Post RSSRSS comment feed

Add comment


(Will show your Gravatar icon)  

biuquote
  • Comment
  • Preview
Loading



Welcome

Please contact me if you have a great idea for a project and need technical expertise in designing, developing, or integrating a custom software solution. 

Recent Comments

Comment RSS