tezza Posted July 29, 2013 Share Posted July 29, 2013 I’m excited to announce a new research report from Bromium Labs, written by myself and Rafal Wojtczuk. It ended up being far more comprehensive than we initially thought, so we decided to call it ”Application Sandboxes: A Pen Tester’s Perspective”. In this report we perform security evaluation of publicly available application sandboxes viz: Google Chrome, Adobe Reader, Sandboxie, BufferZone Pro and Dell Protected Workspace.To create some context, we are all aware of the deficiencies of traditional endpoint security technologies. There are a lot of vendors coming up with ideas and solutions to combat the malware challenge. What is the core issue? It’s simple – the attack surface, which is predominantly the Operating System (and installed apps) for any user. In this paper, we evaluate one of the the newer approaches – sandboxing and verify how well it stands up against real world threats.The report is about pen-testing and we used and wrote several exploits in our research. However, we did not use any unknown zero days or even try to find vulnerabilities in any of the above mentioned products. That was not needed as the opportunities for attackers are huge already.Hence, we just stuck to the basics and used exploits (some of which are not public) for known vulns to explore the architectural flaws of sandboxing technology – as you will see after reading the report, sandbox bypasses are unnervingly straightforward using vulnerabilities in the underlying OS.Not to forget, if we ever encounter a vulnerability in any product, we are committed to responsible disclosure as we’ve always done in the past.Below is a quick summary of the analysis:The report is available here.http://labs.bromium.com/2013/07/23/application-sandboxes-a-pen-testers-perspective/ Link to comment Share on other sites More sharing options...
Cypher3927 Posted July 29, 2013 Share Posted July 29, 2013 (edited) Interesting research tezza, thanks for posting this article. Let me ask you a question: do you happen to know which operating systems were used for the tests? Edited July 30, 2013 by Cypher3927 Link to comment Share on other sites More sharing options...
Airstream_Bill Posted July 29, 2013 Share Posted July 29, 2013 Also, Interesting Post. Thanks Link to comment Share on other sites More sharing options...
ALIEDHED Posted July 30, 2013 Share Posted July 30, 2013 Great information. Thanks for it. Link to comment Share on other sites More sharing options...
nIGHT Posted July 31, 2013 Share Posted July 31, 2013 (edited) Been interested in sandboxing, I'm surprised to find out, based on what I read here, that it's "easy" to slip out of those "protective shell". :sneaky: Edited July 31, 2013 by nIGHT Link to comment Share on other sites More sharing options...
Recommended Posts