DeMISTIfying Infosec: PAC File

November 1, 2016
By Katherine Teitler

PAC File

A proxy auto-configuration (PAC) file is a text-based file containing a JavaScript function which is used to determine whether a web browser forwards internet traffic to a web proxy server or directly to the destination server. A PAC file is a script-driven method of controlling web requests, and can be configured relatively easily by an administrator. The PAC file is referenced each time a new URL is loaded so that traffic for each request is routed appropriately.

The use of PAC files allows for blocking of specific users and websites and is supported by all major browsers; the browser only requires the address of the PAC file so it can retrieve the file and execute the JavaScript function.

Threat actors can take advantage of well-known vulnerabilities in web browsers to insert a phony PAC file and re-route traffic to the destination of their choosing. 

Get the DeMISTIfying InfoSec newsletter every Tuesday!

 

prestitial ad