| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Jul 2010 08:14:46 -0400 From: "McGhee, Eddie" <Eddie.McGhee@....com> To: MustLive <mustlive@...security.com.ua>, "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk> Subject: Re: Sending spam via sites and creating spam-botnets POC? -----Original Message----- From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of MustLive Sent: 20 July 2010 19:51 To: full-disclosure@...ts.grok.org.uk Subject: [Full-disclosure] Sending spam via sites and creating spam-botnets Hello participants of Full-Disclosure! In continue to my last month's article Using of the sites for attacks on other sites and my previous article about creating of botnet from zombie-servers and program DDoS attacks via other sites execution tool (DAVOSET), I want to draw your attention to another aspect of Abuse of Functionality vulnerabilities. At the end of last week I wrote new article Sending spam via sites and creating spam-botnets (http://websecurity.com.ua/4382/). Which I'll tell you briefly about. Similarly to using of the sites for attacks on other sites via Abuse of Functionality vulnerabilities, it's also possible via Abuse of Functionality to use sites for sending spam. There are many such vulnerabilities in Internet, which I wrote about many times, as vulnerable sites, as vulnerable plugins (which used at many sites). So many sites can be used for sending spam. Using of Abuse of Functionality for sending spam. Researching of such vulnerabilities I begun already in 2007. From that time I found many web sites with such vulnerabilities and also vulnerable plugins for popular web applications. Particularly such plugins as WP-ContactForm for WordPress, Contact Form ][ for WordPress and com_alfcontact for Joomla. Creating of spam-botnets from sites. Similarly to tools for conducting of DDoS attacks via Abuse of Functionality vulnerabilities, as for example DAVOSET, in exactly the same way the tools for mass spam sending can be created. Via multiple Abuse of Functionality vulnerabilities at different sites. I.e. these vulnerabilities can be used for creating of spam-botnets with zombie-servers. And taking into account that spam will be sending from servers of well-known companies, then very likely that these letters will bypass spam-filters. Taking into account widespread of Abuse of Functionality vulnerabilities at the sites, which allow to send spam, and ignoring of sites' admins of this problem, it's actual. And taking into account that network from these zombie-servers can be created without wasting of resources (including financial), as it occurs in classical botnets, then this type of botnets is very profitable from financial side. So with time spammers can draw attention at this method of sending spam and at this type of spam-botnets. P.S. If your site will be DDoSed from Google's servers or you will receive spam from IBM's servers, than you will be knowing what type of botnets it is. Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists