| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Jul 2010 11:44:50 +0100 From: Benji <me@...ji.com> To: MustLive <mustlive@...security.com.ua> Cc: "<full-disclosure@...ts.grok.org.uk>" <full-disclosure@...ts.grok.org.uk> Subject: Re: Sending spam via sites and creating spam-botnets > P.S. > > If your site will be DDoSed from Google's servers or you will receive spam > from IBM's servers, than you will be knowing what type of botnets it is. > Pjear bitches. Sent from my iPhone On 20 Jul 2010, at 19:50, "MustLive" <mustlive@...security.com.ua> wrote: > Hello participants of Full-Disclosure! > > In continue to my last month's article Using of the sites for attacks on > other sites and my previous article about creating of botnet from > zombie-servers and program DDoS attacks via other sites execution tool > (DAVOSET), I want to draw your attention to another aspect of Abuse of > Functionality vulnerabilities. At the end of last week I wrote new article > Sending spam via sites and creating spam-botnets > (http://websecurity.com.ua/4382/). Which I'll tell you briefly about. > > Similarly to using of the sites for attacks on other sites via Abuse of > Functionality vulnerabilities, it's also possible via Abuse of Functionality > to use sites for sending spam. > > There are many such vulnerabilities in Internet, which I wrote about many > times, as vulnerable sites, as vulnerable plugins (which used at many > sites). So many sites can be used for sending spam. > > Using of Abuse of Functionality for sending spam. > > Researching of such vulnerabilities I begun already in 2007. From that time > I found many web sites with such vulnerabilities and also vulnerable plugins > for popular web applications. Particularly such plugins as WP-ContactForm > for WordPress, Contact Form ][ for WordPress and com_alfcontact for Joomla. > > Creating of spam-botnets from sites. > > Similarly to tools for conducting of DDoS attacks via Abuse of Functionality > vulnerabilities, as for example DAVOSET, in exactly the same way the tools > for mass spam sending can be created. Via multiple Abuse of Functionality > vulnerabilities at different sites. I.e. these vulnerabilities can be used > for creating of spam-botnets with zombie-servers. And taking into account > that spam will be sending from servers of well-known companies, then very > likely that these letters will bypass spam-filters. > > Taking into account widespread of Abuse of Functionality vulnerabilities at > the sites, which allow to send spam, and ignoring of sites' admins > of this problem, it's actual. And taking into account that network from > these zombie-servers can be created without wasting of resources (including > financial), as it occurs in classical botnets, then this type of botnets is > very profitable from financial side. So with time spammers can draw > attention at this method of sending spam and at this type of spam-botnets. > > P.S. > > If your site will be DDoSed from Google's servers or you will receive spam > from IBM's servers, than you will be knowing what type of botnets it is. > > Best wishes & regards, > MustLive > Administrator of Websecurity web site > http://websecurity.com.ua > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists