Tips for not looking stupid on TV?

[irongeek at irongeek.com (Adrian Crenshaw)]

Well, they took very little of what I said, and played up the voyeur aspect
(I told them webcams were not that big a worry, but drive by bot installs
were). Also, I'm currently now being hired as a pentester, so the part about
me being hired to break into other boxes is not quite accurate. Still, it
could have been worse:

http://www.whas11.com/home/Eyes-on-you-Beware-Internet-hackers-on-your-webcam-92464624.html



Thanks,
Adrian


On Sun, Mar 28, 2010 at 7:00 PM, Adrian Crenshaw <irongeek at irongeek.com>wrote:

> Mick and Robin, Thanks. Russ, I'm looking into Espia now.
>
>
> Adrian
>
> On Sat, Mar 27, 2010 at 1:43 PM, Butturini, Russell <
> Russell.Butturini at healthways.com> wrote:
>
> > Meterpreter plus the espia plugins would probably make for a good demo.
> >
> > ------------------------------
> >  *From*: pauldotcom-bounces at mail.pauldotcom.com <
> > pauldotcom-bounces at mail.pauldotcom.com>
> > *To*: PaulDotCom Security Weekly Mailing List <
> > pauldotcom at mail.pauldotcom.com>
> > *Sent*: Sat Mar 27 09:14:54 2010
> > *Subject*: [Pauldotcom] Tips for not looking stupid on TV?
> >
> >       I'm guessing the reported just did a Google search for Louisville
> > and hacking and came up with me. He basically asked " I?m writing to see if
> > you would like to help me with a story we?re doing. It is about a hole in
> > Microsoft security in Internet Explorer that allows hackers to spy on people
> > through their webcams.  Is it possible? How does it work? And can you show
> > us for the purposes of a story?" I was not aware of anything specific to
> > webcams and IE, but he sent me a clipping and I think he was basing it on
> > this:
> >
> > http://www.youtube.com/user/MichaelSias#p/u/11/8DtgG58aIBw
> >
> > I told him:
> >
> > 1. Looks like they are relating it to Operation Aurora.
> >
> > 2. It's not really Web cam specific, any vulnerability that say it allows
> > for "arbitrary code execution" could do the same thing.
> >
> > 3. Most of the buzz seems to be talking about IE 6, which it pretty out of
> > date. However, some corporations still run int because it it what their
> > webapps support.
> >
> > 4. The specific vulnerability is CVE-2010-0249 and code for the exploit
> > can be found here:
> > http://www.exploit-db.com/exploits/11167
> >
> > 5. Microsoft has release a patch for it:
> > http://www.microsoft.com/technet/security/bulletin/ms10-002.mspx
> >
> > 6. If a user is silly enough to run a random exe a website/email/p2p
> > network gives them, they will likely get "owned" regardless of the whither
> > on not there is an exploit.
> >
> > 7. There are programs out their that can be used to monitor others. An
> > exploit that allows for "arbitrary code execution" can install one in
> > theory, but so could a snooping significant other.
> >
> > 8. Google hacking/Google dorks are always fun. Basically, people put
> > devices on an Internet facing LAN that should not. Beside webcams, you can
> > also fine printers and other devices. Try these Google searches:
> >
> > intitle:"Live View / ? AXIS"
> > inurl:/cgi/ieng
> > inurl:hp/device/this.LCDispatcher
> >
> > Or a big list from here:
> > http://www.hackersforcharity.org/ghdb/?function=summary&cat=18
> >
> >
> > Any tips on how to best deal with the media? Is there a webcam related IE
> > exploit out there I'm not aware of, or is is just a case of "one of the
> > things people can do with arbitrary code execution"?
> >
> > Thanks,
> > Adrian
> >
> >
> >
> > ******************************************************************************
> > This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than 
> > the named recipient of this email,
> > and is to be used only for the intended purpose of this communication.
> > ******************************************************************************
> >
> >
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100430/7878cbec/attachment.htm