lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <097B1E4792366344925A4B6B99C00A8255E655507C@zaphod.home.jalojash.org>
Date: Fri, 31 Oct 2008 13:05:15 -0700
From: Jim Harrison <Jim@...tools.org>
To: Adrian P <unknown.pentester@...il.com>, "bugtraq@...urityfocus.com"
	<bugtraq@...urityfocus.com>, "full-disclosure@...ts.grok.org.uk"
	<full-disclosure@...ts.grok.org.uk>
Subject: Re: Universal Website Hijacking by Exploiting
 Firewall Content Filtering Features + SonicWALL firewalls 0day

The concept is at least 5 years old: http://support.microsoft.com/kb/816456/.

Jim

-----Original Message-----
From: Adrian P [mailto:unknown.pentester@...il.com]
Sent: Thursday, October 30, 2008 7:31 PM
To: bugtraq@...urityfocus.com; full-disclosure@...ts.grok.org.uk
Subject: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day

Hello folks,

Yesterday, I presented for the first time [1] a new method to perform
universal website hijacking by exploiting content filtering features
commonly supported by corporate firewalls. I briefly discussed [2] the
finding on GNUCITIZEN in the past without giving away the details, but
rather mentioning what the attacker can do and some characteristics of
the attack.

Anyway, I'm now releasing full details on how the technique works, and
a real 0day example against SonicWALL firewalls.

The paper can be found on the GNUCITIZEN labs site. Please let me know
if you can successfully use the same technique against firewalls by
other vendors:

http://sites.google.com/a/gnucitizen.org/lab/research-papers

Finally, I'd like to thank Zero Day Initiative [3] for their great
work and the Hack in the Box crew for organizing such a fine event!

Regards,
ap.

REFERENCES

[1] "HITBSecConf2008 - Malaysia: Cracking into Embedded Devices and Beyond!"
http://conference.hackinthebox.org/hitbsecconf2008kl/?page_id=186

[2] "New technique to perform universal website hijacking"
http://www.gnucitizen.org/blog/new-technique-to-perform-universal-website-hijacking/

[3] "SonicWALL Content-Filtering Universal Script Injection Vulnerability"
http://www.zerodayinitiative.com/advisories/ZDI-08-070/

--
Adrian "pagvac" Pastor | GNUCITIZEN
gnucitizen.org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ