Information Security News: Hackers hit New Zealand Herald website

From: InfoSec News <alerts_at_infosecnews.org>
Date: Wed, 29 Aug 2007 00:13:28 -0500 (CDT)

http://www.stuff.co.nz/4182914a28.html

By Juha Saarinen
Stuff.co.nz
29 August 2007

The New Zealand Herald's website fell victim to a page spoofing stunt
earlier today, by hackers wanting to publicise their upcoming Kiwicon
security conference in November.

In this case, the spoofing meant the hackers displayed a parody of a
Herald article to users, rather than a real one, when surfers called up
an article on the future of the Internet.

"Metlstorm", one of the organisers of Kiwicon Wellington, says it's
analogous to taping a fake article into a printed copy of the Herald,
before giving the paper to a reader.

The bogus article was marked clearly as "a joke", he says, and contains
"wildly unreasonable comment that no sane person would believe."

He is at pains to explain that the stunt is harmless and wasn't a real
hack, in the sense of breaking into any systems.

Web developer Dylan Reeve of Bunker Media in Auckland says the hackers
used an XSS, or cross-site scripting, bug to display their own content.

"After the page loads, the XSS bug is used to inject Javascript [a type
of web-page programming language] that rewrites the article."

The spoof doesn't work in Internet Explorer 7, but Firefox 2.0 displays
the bogus page, Reeve says.

The real page loads when accessed with Internet Explorer 6 too.

"Everything you see in the page is created in the user's web browser,"
Reeve adds. Nothing on the Herald server has been changed, says Reeve.

Asked if such a stunt can be dangerous, Reeve says at worst it can trick
users into believing they're seeing something on a site that isn't in
reality there.

The risk is limited however, according to Reeve, who says the URL or web
link address that users follow has to be formatted in a very specific
way.

Earlier this month, the Computerworld newspaper, part of Fairfax
Business Media, was spoofed in the same way by the Kiwicon hackers.

Stuff alerted the Herald Online to what has happened, and has been
promised comment shortly.

Received on Aug 28 2007
