lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <BAY10-DAV2EB9F5AE71E819ECB9930D9790@phx.gbl>
From: se_cur_ity at hotmail.com (morning_wood)
Subject: NAT router inbound network traffic subversion

scenario...

NAT client browses web...
NAT client initates a HTTP request to do this...
ROUTER returns the request to NAT client...
( normal activity )

attacker website exploits client browser...
exploit drops and executes "badfile.exe"
"badfile.exe" hooks iexplore.exe...

"badfile.exe" is 'reverse connecting trojan'...
"badfile.exe" initiates a HTTP  request to do this...
attacker's "badfile.exe"' 'client' is waiting with a HTTP server...

the new hooked browser initiates a HTTP request to the attacker.
NAT client is now connected to the attacker
through the ROUTER ( kinda like browsing the web huh? )
attacker now has unrestricted packet via the NAT client,
that is where ??? BEHIND YOUR ROUTER

atacker now can do a he wishes to the rest of your network
( GAME OVER )


Cheers,
m.w

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ