lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <BAY10-DAV2EB9F5AE71E819ECB9930D9790@phx.gbl> From: se_cur_ity at hotmail.com (morning_wood) Subject: NAT router inbound network traffic subversion scenario... NAT client browses web... NAT client initates a HTTP request to do this... ROUTER returns the request to NAT client... ( normal activity ) attacker website exploits client browser... exploit drops and executes "badfile.exe" "badfile.exe" hooks iexplore.exe... "badfile.exe" is 'reverse connecting trojan'... "badfile.exe" initiates a HTTP request to do this... attacker's "badfile.exe"' 'client' is waiting with a HTTP server... the new hooked browser initiates a HTTP request to the attacker. NAT client is now connected to the attacker through the ROUTER ( kinda like browsing the web huh? ) attacker now has unrestricted packet via the NAT client, that is where ??? BEHIND YOUR ROUTER atacker now can do a he wishes to the rest of your network ( GAME OVER ) Cheers, m.w
Powered by blists - more mailing lists