Monday, March 17, 2014

0days galore

“If we are so given to judging others, it is because we tremble for ourselves.” With these words Oscar Wilde captured human weakness: our fear of failure, and how easy it is for us to point out the errors of a third party.

Because if we are good at something, it is finding faults in the work of others. These days the famous Pwn2Own contest is taking place: a hackathon in which the exploit-finding experts of each development team strive to find vulnerabilities in the competition's browsers. For now, the worst placed is Mozilla Firefox, which has been hit with 4 0days. It is closely followed, though, by Chrome, IE, Adobe and Oracle, which will have to get their act together on their own security updates.

The development team of Replicant, a Linux distribution, claims to have found a backdoor in the Samsung ROM that allows relatively easy remote access to the device's file systems. The problem seems to come from a system-upgrade and remote-management component developed by Samsung, which this team has managed to take out of its sandbox (the environment in which a service or application runs with reduced permissions), escalating privileges until it controls the filesystem. So far, Samsung has yet to comment.

Have you ever stopped to think about how the passenger-screening scanner at an airport operates? The researchers Billy Rios and Terry McCorkle of Qualys have, and their conclusions are alarming, to say the least. Most of these devices run a version of the Windows 98 operating system, which long ago stopped receiving critical updates and is therefore quite susceptible to attack, making it possible to modify what is shown on the screen. Furthermore, to guard against human error, the system itself every so often overlays a fictional image of a gun on a user's luggage, which raises an alarm different from the real one. An attacker could overlay this fictitious image on the actual image of a weapon, so that the operator triggers this alarm and the system treats it as fictitious. Fortunately, and to avoid a mass stampede away from this type of transport, we must say that almost all of these scanners have no internet access, so the individual would have to be physically present, which would surely attract attention.

In the end, it all comes down to how to reach more services than one could access a priori. And if we are on a corporate network and manage to take control of the DHCP or DNS servers, the possibilities increase exponentially. Chema Alonso explains it on his blog: a compromised device, then the DHCP server, a change to the configuration files, and full access to the other terminals of the company. We only need to find one device that is connected to the network and does not have proper security protocols (laptops, cameras, routers, …) to operate as we see fit in any network architecture.

