SEBUA - Browser Update Attack - System32

svg

svg

svg

Now Reading: SEBUA – Browser Update Attack

Loading

Loading

SEBUA

Malicious Scripts

November 14, 2023 / Prapattimynk

SEBUA – Browser Update Attack

42

Share

Ads

SEBUA is described as a ‘Social Engineering Browser Update Attack’. This attack requires user interaction and is highly deceiving.

How it Works
Browser Detection: SEBUA detects the browser type (Chrome, Firefox, or Edge).
Data Injection: Uses document.write in JavaScript to inject data into the webpage.
UI Deception: Displays an overlay mimicking the official browser download page.
Fake Update Prompt: Demands an update to view content, triggering a download when the ‘Update’ button is clicked.
Post-Download Behavior: Sets a key in the browser’s localStorage to prevent overlay reappearance after the binary execution.
End Result: Ideally leads to a beacon after the binary execution.

The primary component is the payload.js file. To create this payload:

Use document.write with obfuscated HTML in payload.js.
Employ html-obfuscator for obfuscation and de-obfuscation.

Upvote0PointsDownvote

0 People voted this article. 0 Upvotes - 0 Downvotes.

Prev Post

Metasploit Pro 4.22.2 Crack Download

Next Post

Adobe Creative Cloud Collection 2024 v17.10.2023

What do you think?

It is nice to know your opinion. Leave a comment.

Leave a reply Cancel reply

Subscribe & Follow

Popular Posts

01

Craxs Rat V6.7 Working Free Download

September 14, 2023

02

FHR Electric Data Leak

July 8, 2023

03

Postfix SMTP Smuggling CVE-2023-51764 Exploit

December 27, 2023

04

WSPCoerce - PoC to coerce authentication from Windows hosts using MS-WSP

July 28, 2023

05

CVE-2023-20110 Exploit | Cisco Smart Software Manager On-Prem SQL Injection

July 16, 2023

Categories

Cyber sec44
Database123
Exploits And POCs213
Malicious Scripts139
Tools137
Malwares54
Softwares36

Loading

svg

Quick Navigation

1
SEBUA – Browser Update Attack