This question is about whether any technologies used by a web browser (HTTP, TCP, JavaScript, etc.) can be used to push a binary file from the web server to a random folder on the client.

This is for a security discussion at work about the dangers in web browser JavaScript. We already have Windows OS Script Host disabled on the machines so the OS-JavaScript/VBScript should not be a risk.

And being that web browser JavaScript runs inside a sandbox, it should not be possible to use it to save a random binary on the client machine, or am I wrong in this? Are any of the browser technologies a known vector for this?

coderworks

Browsers can be made to download a file without JavaScript, and often they don't prompt the user for the location but simply put it into the Download folder or similar. This can also be done for files which would usually be rendered in the browser (like HTML files) by simply using the `Content-Disposition` header or by using the `download` attribute in the link. If the user then later opens these files, they are no longer executed inside the browser's sandbox. – Steffen Ullrich Sep 12 '21 at 06:25
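
Added example, not part of the original question or comment: a proxy- or log-side check for the `Content-Disposition` behaviour described in the comment above, reporting which responses a browser saves to disk instead of rendering. The function names, the extension list and the sample headers are assumptions constructed for illustration; the check covers only the header, not the `download` attribute.

```javascript
// Added example. RISKY_EXT is an assumed review list, not a standard.
const RISKY_EXT = new Set(["exe", "dll", "scr", "msi", "bat", "cmd", "js", "vbs", "hta", "lnk", "html", "htm"]);

// Parse a Content-Disposition value (RFC 6266) into { type, filename }.
function parseContentDisposition(value) {
  const type = value.split(";", 1)[0].trim().toLowerCase();
  const params = Object.create(null);
  // name=token or name="quoted string"; quoted values may contain ';'
  const re = /;\s*([\w!#$%&'*+.^`|~-]+)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^;]*))/g;
  let m;
  while ((m = re.exec(value)) !== null) {
    params[m[1].toLowerCase()] =
      m[2] !== undefined ? m[2].replace(/\\(.)/g, "$1") : m[3].trim();
  }
  let filename = params["filename"] ?? null;
  // filename* (RFC 5987 form: charset'lang'percent-encoded) wins over filename.
  const ext = /^utf-8'[^']*'(.*)$/i.exec(params["filename*"] ?? "");
  if (ext) {
    try { filename = decodeURIComponent(ext[1]); } catch { /* keep plain filename */ }
  }
  return { type, filename };
}

// Report whether the browser saves the response to disk and whether the
// saved file has an extension worth reviewing.
function classifyResponse(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;
  const cd = h["content-disposition"] ? parseContentDisposition(h["content-disposition"]) : null;
  const savedToDisk = cd !== null && cd.type === "attachment";
  const filename = cd ? cd.filename : null;
  const ext = filename && filename.includes(".") ? filename.split(".").pop().toLowerCase() : "";
  return { savedToDisk, filename, flagged: savedToDisk && RISKY_EXT.has(ext) };
}

// Constructed sample response headers (not captured traffic).
const SAMPLES = [
  { "Content-Type": "text/html", "Content-Disposition": "inline" },
  { "Content-Type": "text/html", "Content-Disposition": 'attachment; filename="page.html"' },
  { "Content-Type": "application/pdf", "Content-Disposition": 'Attachment; filename="report.pdf"' },
  { "Content-Type": "application/octet-stream",
    "Content-Disposition": "attachment; filename=\"tool.exe\"; filename*=UTF-8''setup%20tool.exe" },
];
for (const s of SAMPLES) console.log(JSON.stringify(classifyResponse(s)));
```

The second sample is the case the comment singles out: an HTML response that would normally render in the sandbox is written to disk because of `attachment`.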

1 Answer

Browsers are specifically designed to prevent this.

There have been exploits in the past that found a security hole and there may be exploits found in the future, but by design Browsers are designed to prevent this.

In recent years, exploits of this type typically came from third-party plugins. Adobe PDF handlers have a long history of abuse.

Also, you cannot equate JavaScript and VBScript. VBScript should NOT be running as a Browser extension! Nor should any of a host of other available extension languages such as Perl or Python; they are not Browser safe!

user10216038