| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Mar 2007 00:45:38 -0500 From: Saeed Abu Nimeh <drellman@...mail.com> To: wangkaig@...ovo.com Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Newest hacks similar to this: http://seclists.org/bugtraq/2007/Feb/0285.html We discovered a new potential threat that we term "Drive-by Pharming". An attacker can create a web page containing a simple piece of malicious JavaScript code. When the page is viewed, the code makes a login attempt into the user's home broadband router and attempts to change its DNS server settings (e.g., to point the user to an attacker-controlled DNS server). Once the user's machine receives the updated DNS settings from the router (e.g., after the machine is rebooted) future DNS request are made to and resolved by the attacker's DNS server. wangkaig@...ovo.com wrote: > Hi guys, > > I noticed a news recently.Researchers at Indiana University's Department > of Computer Science recently released a report outlining a way hackers > could potentially access and change the configuration routers on home > networks. They described how some JavaScript built into a Web page could > be used to log into the administrator account of a home router and change > its DNS (define) settings.The Indiana University report points out that > this attack doesn't exploit any browser vulnerability, and, more > importantly, it seems to work with pretty much any router,rrespective of > brand or model.Any idea how to program the javascript to modify the DNS > configuration? > > Best Regards > > > > Ken > > > > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists