Full Disclosure mailing list archives
Re: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
From: Fionnbharr <thouth () gmail com>
Date: Fri, 31 Oct 2008 19:31:37 +1100
This isn't new. It isn't even a technique. http://www.bluecoat.com/support/securityadvisories/icap_patience A very recent example of this kind of vulnerability. My god you gnucitizen people are retarded. At least you didn't give it a ridiculous name like 'clickjacking'. Can you GNUtards please keep your 'research' into subjects people already know to yourself or at least not post it the lists, then at least I won't have to see it. Also "Malaysia: Cracking into Embedded Devices and Beyond!", who the fuck uses the word 'cracking' instead of 'hacking' in 2008? Sure for cracking passwords, but wow. 2008/10/31 Adrian P <unknown.pentester () gmail com>:
Hello folks, Yesterday, I presented for the first time [1] a new method to perform universal website hijacking by exploiting content filtering features commonly supported by corporate firewalls. I briefly discussed [2] the finding on GNUCITIZEN in the past without giving away the details, but rather mentioning what the attacker can do and some characteristics of the attack. Anyway, I'm now releasing full details on how the technique works, and a real 0day example against SonicWALL firewalls. The paper can be found on the GNUCITIZEN labs site. Please let me know if you can successfully use the same technique against firewalls by other vendors: http://sites.google.com/a/gnucitizen.org/lab/research-papers Finally, I'd like to thank Zero Day Initiative [3] for their great work and the Hack in the Box crew for organizing such a fine event! Regards, ap. REFERENCES [1] "HITBSecConf2008 - Malaysia: Cracking into Embedded Devices and Beyond!" http://conference.hackinthebox.org/hitbsecconf2008kl/?page_id=186 [2] "New technique to perform universal website hijacking" http://www.gnucitizen.org/blog/new-technique-to-perform-universal-website-hijacking/ [3] "SonicWALL Content-Filtering Universal Script Injection Vulnerability" http://www.zerodayinitiative.com/advisories/ZDI-08-070/ -- Adrian "pagvac" Pastor | GNUCITIZEN gnucitizen.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day Adrian P (Oct 30)
- Re: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day Fionnbharr (Oct 31)
- Ats.: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day Kestutis Gudinavicius (Oct 31)
- Re: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day Jim Harrison (Oct 31)