Russian security firm Intevydis has made a Windows exploit for a previously unknown security hole in Firefox 3.6 available to its customers. The exploit allows attackers to remotely gain control of a PC. Intevydis develops the commercial VulnDisco add-on for Canvas, the commercial exploit toolkit from vendor Immunity. On the Immunity forum, developer Evgeny Legerov praises his exploit for Windows XP (SP3) and Vista as being quite reliable. The developer says it was an interesting challenge to find the flaw – a buffer overflow – and to exploit it.
While the post dates back to the beginning of February, the hole is likely to remain open since no updates have been released for Firefox 3.6 so far. Secunia rates the problem as critical, but hasn’t provided any further information in its advisories. The Mozilla Foundation has become aware of the problem, but has yet to release an official statement. Whether the exploit has already been widely circulated or used on a large scale remains unknown.
However, according to the analysis on the Extraexploit blog, a significant increase in the number of Firefox 3.6 crashes was noted on the 12th and 13th of February. It is unclear whether the crashes were connected to the exploit being tested. The pages causing the highest number of crashes are listed in Mozilla’s crash reports.
In passing, Legerov also mentions zero day exploits for Lotus Notes 8.5/8.5fp1 and for RealPlayer 11. The exploit for RealPlayer is the modernised version of an exploit that appeared two years ago for a hole that RealPlayer closed only recently.
FindDomains is a multithreaded search engine discovery tool that will be very useful for penetration testers who need to discover domain names/web sites/virtual hosts located on a large number of IP addresses. It provides a console interface, so you can easily integrate the tool into your pentest automation system.
It retrieves the domain names/web sites that are located on a specified IP address/hostname.
The tool was built starting from the Bing API 2.0 code sample.
In order to use FindDomains:
- Create an appid at “Bing Developers”.
- It will look like this: 32AFB589D1C8B4FEC73D4BCB6EA0AD810E0FA2C7
- Once you have registered an appid, enter it into the “appid.txt” file in the program directory.
Feature outline:
- Uses Bing search engine. Works with first 1000 records.
- Multithreaded on crawling and DNS resolution.
- Performs DNS resolution for extracted domains to eliminate cached/old records.
- Has a console interface, so it can be very useful with some command-line fu.
- Works with Mono, but running under Windows is more efficient.
Sample usage:
1) FindDomains.exe 1.2.3.4
2) FindDomains.exe www.hotmail.com
RockYou has suffered a serious hacker attack that has exposed 32 million of its customer usernames and passwords to possible identity theft. And it has apparently taken RockYou more than 10 days to inform its users of the breach.
The security firm Imperva informed RockYou that its site had a serious SQL injection flaw, according to reports. Imperva said that some users’ passwords had already been compromised as a result of the vulnerability by the time it notified RockYou of its findings. RockYou acted quickly to fix the flaw, but perhaps not fast enough. One hacker claimed to have gotten access to the accounts and posted some data as proof. Apparently, the database included the full list of unencrypted passwords in plain text.
The flaw is a big one because RockYou usernames and passwords are, by default, the same as users’ email names and passwords. Security experts are advising RockYou users to change their emails and passwords. RockYou has some of the most popular apps on Facebook, and it ranks third among Facebook developers with 55 million monthly active users, according to AppData.
SQL injection exploits a vulnerability in an app’s database layer and is a very common attack. It potentially lets hackers steal private information, and Yahoo’s jobs site recently suffered a similar attack. Imperva chief technology officer Amichai Shulman told eWeek Europe that users are particularly vulnerable if they use the same usernames and passwords for all of the sites that they visit.
inSSIDer is an award-winning free Wi-Fi network scanner for Windows Vista and Windows XP. Because NetStumbler doesn’t work well with Vista and 64-bit XP, it was built as an open-source Wi-Fi network scanner designed for the current generation of Windows operating systems.