lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <4600C682.5040001@hotmail.com>
Date: Wed, 21 Mar 2007 00:45:38 -0500
From: Saeed Abu Nimeh <drellman@...mail.com>
To: wangkaig@...ovo.com
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Newest hacks

similar to this:
http://seclists.org/bugtraq/2007/Feb/0285.html
We discovered a new potential threat that we term "Drive-by Pharming".
An attacker can create a web page containing a simple piece of malicious
JavaScript code. When the page is viewed, the code makes a login attempt
into the user's home broadband router and attempts to change its DNS
server settings (e.g., to point the user to an attacker-controlled DNS
server). Once the user's machine receives the updated DNS settings from
the router (e.g., after the machine is rebooted) future DNS request are
made to and resolved by the attacker's DNS server.


wangkaig@...ovo.com wrote:
> Hi guys,
> 
> I noticed a news recently.Researchers at Indiana University's Department 
> of Computer Science recently released a report outlining a way hackers 
> could potentially access and change the configuration routers on home 
> networks. They described how some JavaScript built into a Web page could 
> be used to log into the administrator account of a home router and change 
> its DNS (define) settings.The Indiana University report points out that 
> this attack doesn't exploit any browser vulnerability, and, more 
> importantly, it seems to work with pretty much any router,rrespective of 
> brand or model.Any idea how to program the javascript to modify the DNS 
> configuration? 
> 
> Best Regards 
> 
> 
> 
> Ken
> 
> 
> 
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ