Author: WoYiGui
In the existing XSS attacks, the general purpose is to steal important user information such as cookies and implement features such as worm transmission, but it is not used for more destructive attacks.
This idea originated from 139 mail worm, but only realized self-propagation in the computer network during the compilation process (which is also a common purpose of XSS .), Although it comes with an interface to send text messages to a mobile phone, the function was not complete because it was unavailable at the time. Therefore, it can only be used for diffusion propagation in computer networks. Therefore, if XSS worm is used for transmission and website applications are used to send text messages to the mobile phone (if any), the communication target can be achieved, I wanted to write an article titled "maximizing XSS attacks" to realize the transformation from a computer network attack to a mobile phone attack. Of course, in many cases, it is not like 139. The basic process is as follows:
Xss Vulnerability ---> spread in computer ----> send malicious mobile phone messages ---> malicious code is triggered after the user browses, the phone book is obtained, and operations such as Group SMS and phone pulling are hidden.
The reason for studying the wap wtai protocol document is to achieve this idea. You can call and send text messages when writing a DEMO. However, when you send a text message or call a number, you must confirm it. However, when you focus on mobile apps, there are also many vulnerabilities in this application, so you can implement some operations without your knowledge.
The above attacks only occur when computers and mobile phones are connected. On the other hand, with the popularity of multimedia homes, computer networks have been connected to wireless devices in the home. Recently, I also learned about wireless remote control of home devices. At present, domestic home electronic devices still use infrared rays to send signals. Because of the bottle diameter of the device, the distance and intensity of infrared transmission, the following implementation process is provided:
Computer -- Single-Chip Microcomputer -- Wireless Transmitting module -- wireless receiving module -- infrared transmitting -- infrared receiving -- Single-Chip Microcomputer -- Control Electric Appliance
From the wireless receiving module, the latter part is carried out on the controlled end, but this will violate the attack intention. The controlled end can only wait for the development of technology, the networking of home media has been adjusted. If a high-strength universal control signal transmitter is developed according to this process, remote control can be achieved for all household appliances in the same city. In foreign countries, there are already some high-intensity small remote control, such as: http://www.amazon.com/Logitech-Harmony-Advanced-Universal-Control/dp/B000CS1TLE
Use radio frequency (RF) and infrared (IR) wireless signals to provide robust and complete control over your home entertainment system. With a wireless range of up to 100 feet, the device sends radio instructions to a wireless receiver, and then the infrared receiver executes the instructions.
I think that with the development of technology, computer networks will eventually be integrated with wireless communication devices and domestic wireless media. At that time, computer network attacks will also combine with other network attacks. In addition, the idea in this article is not mature. It is just an assumption that some cool people may already think of it. I hope you can communicate with me. Due to recent research, it is very difficult to get involved in another industry. If we don't talk about Single-Chip Microcomputer Development, wireless protocols will certainly happen, so we have to take it easy.