Archive for the ‘Security’ Category
VLC Player Vulnerability
Last Updated on Wednesday, 19 August 2009 06:40 Written by DarkKnightH20 Wednesday, 19 August 2009 06:40
A lot of people use VLC Player to play movies and music. Recently, a vulnerability was disclosed that effects version 0.9.9 — 1.0.1. A specifically crafted SMB:// URI can cause a remote buffer overflow, allowing for possible malicious code execution. More information can be seen on Juniper.net. A variety of Proof of Concept (PoC) code is available at SecurityFocus.com. A fix is available here. Be safe…And be good.
Posted under Security | No Comments
Botnet Using Twitter
Last Updated on Saturday, 27 March 2010 11:03 Written by DarkKnightH20 Saturday, 15 August 2009 03:13
This is definitely to be expected. As I made apparent in my DDoS text, botnets are very flexible in the way that they can be controlled and that they’re only limited by the creator’s creativity. The article can be read at Arbor Networks, but I’ll provide an excerpt for those who have only the slightest bit of time to read or no interest–
While digging around I found a botnet that uses Twitter as its command and control structure. Basically what it does is use the status messages to send out new links to contact, then these contain new commands or executables to download and run. The account in question is under analysis by Twitter’s security team. I spotted it because a bot uses the RSS feed to get the status updates.
The article continues to go on to show some messages were base64 encoded, PKZIP was used, and the exes were packed with UPX (highly detectable packer that leaves a signature in the exe and is just overall popular and therefore easily unpacked]). Using Twitter was an interesting (but bad) idea, but this isn’t as “omg” as people think. Tagboards can be used, forums can be used, irc servers — basically any website that allows for the public posting of informaton with little (to no) moderating. This Twitter botnet was easy to find because of the suspicious page setup. If being anonymous is key to someone, then using something way less public with a high difficulty to put two-in-two together is essential.
Logitech Wave Pro Sale & WordPress Vulnerability
Last Updated on Wednesday, 12 August 2009 11:16 Written by DarkKnightH20 Wednesday, 12 August 2009 11:16
Arrrrrrrrrr. So I paid $80 for my Logitech Wave Pro mouse and keyboard and naturally afterwards it goes on sale yet again. I could have waited for it, knowing very well it would go on sale again soon, but I just had to buy it early. Sigh duck! Anyway, it’s on sale now for $65. Feel free to read about it here on my blog’ish DarkKnightH20.com area. The layout is ugly so ignore that for now. Changes will be made to it in due time, but my main focus is GeekMontage currently so that website will be stuck with any ugly layout for now. Bwahahaha! On another note, there is a new WordPress vulnerability afoot. It is a simple one, of which can be used to annoy your friends! Basically, it resets the users password so he/she cannot login. Versions that are vulnerable: 2.8.3 and lower. Use the below URL, modifying it to your own WordPress’s URL, to test it out.
http://DOMAIN_NAME.TLD/wp-login.php?action=rp&key[]=
Do not use it on anyone else’s WordPress except for your own, naughty ones! Note that the newest version, 2.8.4, has patched this and came out today. WordPress is extremely easy to update (being able to automatically upgrade to the next version through one click), so the “shelf life” of this is relatively small.
Posted under News, Security | No Comments