Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Newest hacks
From: Jim Popovitch <jimpop () yahoo com>
Date: Wed, 21 Mar 2007 01:48:34 -0400

On Wed, 2007-03-21 at 13:26 +0800, wangkaig () lenovo com wrote:

Hi guys, 

I noticed a news recently.Researchers at Indiana University's
Department of Computer Science recently released a report outlining a
way hackers could potentially access and change the configuration
routers on home networks. They described how some JavaScript built
into a Web page could be used to log into the administrator account of
a home router and change its DNS (define) settings.The Indiana
University report points out that this attack doesn't exploit any
browser vulnerability, and, more importantly, it seems to work with
pretty much any router,rrespective of brand or model.Any idea how to
program the javascript to modify the DNS configuration?  

Sure.  Someone could create an html email with an img src set to
something like this:
http://192.168.1.1?/cgi-stuff?dns1=badguy.someplace.tld.  

Next they could add a bunch of urls for all the different router types.
Then, they could send the email from a common Sender addr like
security@<comapany>.tld so that email clients load the images
automatically.  :-(

-Jim P.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]