Full Disclosure mailing list archives
Re: Newest hacks
From: Sebastian Krahmer <krahmer () suse de>
Date: Wed, 21 Mar 2007 10:08:48 +0100 (CET)
On Wed, 21 Mar 2007, Saeed Abu Nimeh wrote: Hi, This is not very different from the common session riding attacks happening since ages, except the part after the "vulnerability" (changing DNS or whatever). Internal 192.168.x.y <img src=> tags have been used since years to trigger intranet CGI's and configuration stuff. The possibility to exploit this with DSL modems and alike is straight forward ;-) Nice however... Sebastian
similar to this: http://seclists.org/bugtraq/2007/Feb/0285.html We discovered a new potential threat that we term "Drive-by Pharming". An attacker can create a web page containing a simple piece of malicious JavaScript code. When the page is viewed, the code makes a login attempt into the user's home broadband router and attempts to change its DNS server settings (e.g., to point the user to an attacker-controlled DNS server). Once the user's machine receives the updated DNS settings from the router (e.g., after the machine is rebooted) future DNS request are made to and resolved by the attacker's DNS server. wangkaig () lenovo com wrote:Hi guys, I noticed a news recently.Researchers at Indiana University's Department of Computer Science recently released a report outlining a way hackers could potentially access and change the configuration routers on home networks. They described how some JavaScript built into a Web page could be used to log into the administrator account of a home router and change its DNS (define) settings.The Indiana University report points out that this attack doesn't exploit any browser vulnerability, and, more importantly, it seems to work with pretty much any router,rrespective of brand or model.Any idea how to program the javascript to modify the DNS configuration? Best Regards Ken ------------------------------------------------------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer () suse de - SuSE Security Team ~ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Newest hacks wangkaig (Mar 20)
- Re: Newest hacks Jim Popovitch (Mar 20)
- Re: Newest hacks Saeed Abu Nimeh (Mar 20)
- Message not available
- Re: Newest hacks Sebastian Krahmer (Mar 21)
- <Possible follow-ups>
- Re: Newest hacks Nick Eoannidis (Mar 21)
- Re: Newest hacks Jason Miller (Mar 21)
- Message not available
- Re: Newest hacks Jason Miller (Mar 21)
- Re: Newest hacks scott (Mar 21)
- Re: Newest hacks Jason Miller (Mar 21)