[<prev] [next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0703211005160.3994@wotan.suse.de>
Date: Wed, 21 Mar 2007 10:08:48 +0100 (CET)
From: Sebastian Krahmer <krahmer@...e.de>
To: Saeed Abu Nimeh <drellman@...mail.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Newest hacks
On Wed, 21 Mar 2007, Saeed Abu Nimeh wrote:
Hi,
This is not very different from the common session riding attacks
happening since ages, except the part after the "vulnerability"
(changing DNS or whatever).
Internal 192.168.x.y <img src=> tags have been used since years to trigger
intranet CGI's and configuration stuff. The possibility to exploit this
with DSL modems and alike is straight forward ;-)
Nice however...
Sebastian
> similar to this:
> http://seclists.org/bugtraq/2007/Feb/0285.html
> We discovered a new potential threat that we term "Drive-by Pharming".
> An attacker can create a web page containing a simple piece of malicious
> JavaScript code. When the page is viewed, the code makes a login attempt
> into the user's home broadband router and attempts to change its DNS
> server settings (e.g., to point the user to an attacker-controlled DNS
> server). Once the user's machine receives the updated DNS settings from
> the router (e.g., after the machine is rebooted) future DNS request are
> made to and resolved by the attacker's DNS server.
>
>
> wangkaig@...ovo.com wrote:
> > Hi guys,
> >
> > I noticed a news recently.Researchers at Indiana University's Department
> > of Computer Science recently released a report outlining a way hackers
> > could potentially access and change the configuration routers on home
> > networks. They described how some JavaScript built into a Web page could
> > be used to log into the administrator account of a home router and change
> > its DNS (define) settings.The Indiana University report points out that
> > this attack doesn't exploit any browser vulnerability, and, more
> > importantly, it seems to work with pretty much any router,rrespective of
> > brand or model.Any idea how to program the javascript to modify the DNS
> > configuration?
> >
> > Best Regards
> >
> >
> >
> > Ken
> >
> >
> >
> >
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
~
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer@...e.de - SuSE Security Team
~ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists