Re: Newest hacks

[Saeed Abu Nimeh <drellman () hotmail com>]

similar to this:
http://seclists.org/bugtraq/2007/Feb/0285.html
We discovered a new potential threat that we term "Drive-by Pharming".
An attacker can create a web page containing a simple piece of malicious
JavaScript code. When the page is viewed, the code makes a login attempt
into the user's home broadband router and attempts to change its DNS
server settings (e.g., to point the user to an attacker-controlled DNS
server). Once the user's machine receives the updated DNS settings from
the router (e.g., after the machine is rebooted) future DNS request are
made to and resolved by the attacker's DNS server.


wangkaig () lenovo com wrote:
> Hi guys,
>
> I noticed a news recently.Researchers at Indiana University's Department 
> of Computer Science recently released a report outlining a way hackers 
> could potentially access and change the configuration routers on home 
> networks. They described how some JavaScript built into a Web page could 
> be used to log into the administrator account of a home router and change 
> its DNS (define) settings.The Indiana University report points out that 
> this attack doesn't exploit any browser vulnerability, and, more 
> importantly, it seems to work with pretty much any router,rrespective of 
> brand or model.Any idea how to program the javascript to modify the DNS 
> configuration? 
>
> Best Regards 
>
>
>
> Ken
>
>
>
>
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/