Download PDFOpen PDF in browser

NIF: Reactive Injection Attack via Nmap Piggybacking

EasyChair Preprint no. 10077

10 pagesDate: May 12, 2023


Network scanning is a common task in cybersecurity. For instance, penetration testers often scan a target system during the initial stage of their vulnerability detection process, e.g., for profiling machines and services. On the other hand, attacker scan remote systems looking for exploitation opportunities. Network scans are generally considered harmless for the victim, as they only consist of a few requests that cause no service interruption or degradation. Nevertheless, as shown in [19], scanning is risky for its author. In this paper, we present a general attack framework that takes advantage of network scans for injecting remote systems. In particular, our proposal leverages the widely adopted scanner Nmap [15] for transmitting attack payloads through the scan responses. If the output of Nmap is processed by an injectable application, e.g., a web browser of a SQL DBMS, our payloads are executed and the scanning system gets compromised.

Keyphrases: injection attack, Network Scanning, Web Security

BibTeX entry
BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:
  author = {Alessandro Bonfiglio and Gabriele Costa and Silvia De Francisci},
  title = {NIF: Reactive Injection Attack via Nmap Piggybacking},
  howpublished = {EasyChair Preprint no. 10077},

  year = {EasyChair, 2023}}
Download PDFOpen PDF in browser