Jump to content

STOP IE!!!!!!!!!!!!!!!!!!!!

Mainter

By Mainter
in Channel Zero

 Share

Recommended Posts

This forum is supported by the 12ozProphet Shop, so go buy a shirt and help support!
This forum is brought to you by the 12ozProphet Shop.
This forum is brought to you by the 12oz Shop.
  • Replies 88
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Mainter

Mainter

Posted
  • Author
Posted

agree with geez post same with them MAC users (dumy) Hackers only go for the product that people who use most so they get fame from the underground why hack a Mac when noone uses them

 

successfully reproduced this exploit on a fully patched XPSP2

installation and can verify that malware.htm is planted locally after

which HTML Help is used to launch it and circumvent the XPSP2 browser

security improvements, compromising the system.

 

However, this exploit did not work on any systems with Qwik-Fix Pro

installed, from Windows 95 to Windows XP Service Pack 2. A free Home

edition and a trial Corporate edition is available for download at

 

http://www.pivx.com/qwikfixDownload.asp

 

Before you can successfully use any Drag'n'Drop technique or script

shortcuts to plant a file on the local system you first need to be able

to reference local content. If you cannot reference local contents or

directories from the Internet zone then you cannot retrieve the window

handle that is necessary for any Drag'n'Drop exploits or any

cross-domain scripting exploits.

 

IE6SP1 initially blocked all direct references to the FILE:// and RES://

protocols which I demonstrated how to circumvent through the OBJECT

element. This was quickly patched in the next cumulative security update

and thereby blocked the traditional cross-domain scripting exploits.

XPSP2 went further and tightened down the Local Machine Zone with the

recommendations PivX Labs made public in late 2003 so that even if you

could find a way to reference local content and subsequently inject

scripting through a cross-domain vulnerability you would not be able to

accomplish anything. This LMZ lockdown has a per-process exception list

in which HTML Help is included.

 

When the LMZ is locked down attackers have to find alternative attack

vectors, of which the Drag'n'Drop vulnerability is a prime example. When

IE renders an IMG element it gives priority to the SRC attribute but

when IE drops an IMG element on an arbitrary window it gives priority to

the DYNSRC attribute. If you are able to reference any local content you

can therefore drop the DYNSRC attribute of the IMG element on the window

with local content and thereby plant a file on the file system in a

known location.

 

The browser security improvements in XPSP2 does not include further

restrictions on referencing local content which is why the Drag'n'Drop

exploits to this date affect fully patched XPSP2 systems. Qwik-Fix Pro

restricts local content referencing through a number of means of which

one is responsible for protecting against this exploit:

 

In order for http-equiv's exploit to work the "ceegar.html" file uses

the AnchorClick behavior to open "C:\WINDOWS\PCHealth\" in a named

window which is then used as a drop target for the DYNSRC pointing to

the "malwarez" file. When any behavior in IE tries to list a local

directory it uses the Shell.Explorer ActiveX object, an object which has

no justification of use inside the browser but which is heavily used by

Windows Explorer itself.

 

Setting the Kill Bit on the Shell.Explorer ActiveX object prevents IE

from referencing local directories in a window object, whether it's

through AnchorClick behavior or some other approach that we discover

tomorrow. The GUID for Shell.Explorer is

{8856F961-340A-11D0-A96B-00C04FD705A2} and Knowledge Base article 240797

(http://support.microsoft.com/?kbid=240797 ) explains how the process

works.

 

PivX Labs released a freely available registry fix that sets the Kill

Bit on Shell.Explorer almost 2 months ago which can be downloaded from

 

http://www.pivx.com/research/freefixes/neu...ellexplorer.reg

 

For clarity, here are the file contents:

 

=== neutershellexplorer.reg ===

Windows Registry Editor Version 5.00

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX

Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}]

"Compatibility Flags"=dword:00000400

=== neutershellexplorer.reg ===

 

 

PivX Labs has covered this topic several times before on the Unpatched

mailing list which receives advance notification of our security

research, including several Win95-XPSP2 vulnerabilities that will be

released in the interim future. For more information or to subscribe you

can visit

 

http://unpatched.pivxlabs.com

Link to comment
Share on other sites
Future Droid

Future Droid

Posted
Posted

if you keep I E updated its not that bad.

 

the reason its so prone to HACKERS, is because they hate microsoft.

 

actually some of the features on mozilla/firefox fuck up things for webmasters who arent trying to do devious stuff.

 

so in all you may think you are more protected, and you may be, but at the same time it may be blocking you from pertenant info.

Link to comment
Share on other sites
SteveAustin

SteveAustin

Posted
Posted
Originally posted by Shark Hammil+Dec 13 2005, 08:56 PM--><div class='quotetop'>QUOTE (Shark Hammil - Dec 13 2005, 08:56 PM)</div><div class='quotemain'>SAFARI NIGGA, SAFARI.

[/b]

 

 

Originally posted by gasfacevictm@Dec 13 2005, 10:04 PM

FIREFOX

 

 

Originally posted by JUDONO?@Dec 14 2005, 01:06 AM

firefox homie.

 

 

<!--QuoteBegin-nozaki@Dec 15 2005, 11:25 AM

safari

 

word.

Link to comment
Share on other sites
  • 5 months later...
MAR

MAR

Posted
Posted

i like explore. they key to not fucking up your computer is a good spyware cleaner, a good anti-virus, a good firewall, and chilling on the pr0n site usage. and also not having aol installed on your comp. it slows everything down like whoa.

Link to comment
Share on other sites
fermentor666

fermentor666

Posted
Posted

Re: STOP IE!!!!!!!!!!!!!!!!!!!!

 

i like explore. they key to not fucking up your computer is a good spyware cleaner' date=' a good anti-virus, a good firewall, and chilling on the pr0n site usage. and also not having aol installed on your comp. it slows everything down like whoa.[/quote']

 

 

 

You wouldn't need to use all that shit all the time if you stopped using MSIE. I've had barely any problems since I moved to Netscape and then to Firefox, aside from Firefox inexplicably crashing on start-up sometimes. MSIE is for the dogs. It's Microsoft's tantrum in the face of international standards. If they can't control it and dictate it, then they won't support it.

Link to comment
Share on other sites
MAR

MAR

Posted
Posted

what using a different internet explorer is going to make me have less problems with virii and spam. please. all that stuff is nessisary. I like microsoft and I havent had any problems with them yet. macs on the otherhand.....this guy knowsclick me

Link to comment
Share on other sites
fermentor666

fermentor666

Posted
Posted

No, using Firefox or even Netscape will stop you from having most problems that involve internet browsers. Especially Firefox, which is open source and coded well in terms of protection from outside threats. If you think that it won't make a difference then you are only fooling yourself and hey, it's your computer that will be trashed and your time that will be wasted, not mine.

 

And one of the reasons why there are so few viruses and worms on Macs is because the very thing that draws so many people to the PC is the ability to go into the core of the OS and program or change configurations (MS-DOS, Linux, Unix), and in turn that is what makes it so easy to make a virus. It's the give and take. Do you want to have full control of your computer and the potential to make whatever you can dream of coding in turn for having a world full of hacks and exploits, or do you want the have a rigid structure with a few exceptionally nice programs and just about no way to make your own, but with no threats. The first part of the former is why PCs became so popular in the first place. Macs are great little boxes when they are at their prime. For certain people, being relatively problem and virus-free is a big draw, along with the fact that there's very few ways to screw things up (example: you don't have to worry about registry editing or deleting some extremely important .dll files or having to worry about drivers) and they are very straight-forward and easy to use. But for people who code, PCs are the only way. Because of that, there are more programs and more programs draws more customers. And then you have a very unsuspecting mass of people to fuck with.

Link to comment
Share on other sites
MAR

MAR

Posted
Posted

Re: STOP IE!!!!!!!!!!!!!!!!!!!!

 

I used to crack back in the days of telnet, shell accounts, and pinging:). happy hacker (props for whoever know what im talking about). now its all downloaded programs.

 

ie does what i need it too and frankly im not too concerned with outside threats. My computer is fairly well protected and im happy.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...