Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Newest hacks
From: Saeed Abu Nimeh <drellman () hotmail com>
Date: Wed, 21 Mar 2007 00:45:38 -0500

similar to this:
http://seclists.org/bugtraq/2007/Feb/0285.html
We discovered a new potential threat that we term "Drive-by Pharming".
An attacker can create a web page containing a simple piece of malicious
JavaScript code. When the page is viewed, the code makes a login attempt
into the user's home broadband router and attempts to change its DNS
server settings (e.g., to point the user to an attacker-controlled DNS
server). Once the user's machine receives the updated DNS settings from
the router (e.g., after the machine is rebooted) future DNS request are
made to and resolved by the attacker's DNS server.


wangkaig () lenovo com wrote:
Hi guys,

I noticed a news recently.Researchers at Indiana University's Department 
of Computer Science recently released a report outlining a way hackers 
could potentially access and change the configuration routers on home 
networks. They described how some JavaScript built into a Web page could 
be used to log into the administrator account of a home router and change 
its DNS (define) settings.The Indiana University report points out that 
this attack doesn't exploit any browser vulnerability, and, more 
importantly, it seems to work with pretty much any router,rrespective of 
brand or model.Any idea how to program the javascript to modify the DNS 
configuration? 

Best Regards 



Ken







------------------------------------------------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]