CVE-2013-6223: Local Password Disclosure in LiveZilla
A 1click file that allows an admin to log into LiveZilla with a single mouse click is saved in an XML representation. This XML file includes the admin username and password in plaintext.
This vulnerability enables any rogue app at any time to remove all existing device locks activated by a user. Furthermore, we have created an app to demonstrate the issue. You can choose between two options: remove all locks right away or remove them at a defined time.
On Windows systems with PHP versions installed that allow null bytes in the URL, it is possible to turn a local file inclusion vulnerability into a full remote code execution vulnerability.
In this report we would like to point out how the rootkit infects a system, how it operates and what kind of anti-reversing and anti-debugging techniques are in place.
We are back with a great blogpost. This time about data exfiltration using ping, packed together as a simple backdoor-like code. The technique may work in general for Linux and Windows as well; however, the main target and interest was Android.
This vulnerability can be used to get payment credentials for Google Wallet and PayPal by abusing the popular application WhatsApp.
Today, we will show a bug concerning OpenSSH. OpenSSH is the most used remote control software nowadays on *nix-like operating systems. Legacy claims it replaced unencrypted daemons like rcp, rsh and telnet. Find a version at: https://www.openssh.com.
In Part 1 of the analysis we have seen a first description of the dropper and how to extract the executable placed in the file. To move forward with the work, we dumped the memory with the decrypted virus body and continued the analysis.
Some days ago we received an email with a double zipped dropper agent included. We decided to start an analysis. This is the first part with our results; in this blogpost we only focus on the dropper itself.
This time I will focus on FreeBSD kernel development. The recent stable version of FreeBSD is 9.0, but for this example we will use version 8.1 with the i386 architecture.