flat assembler
Message board for the users of flat assembler.

Index > Heap > must know backdoor exploits

Goto page 1, 2, 3, 4, 5  Next
Author
Thread Post new topic Reply to topic
sleepsleep



Joined: 05 Oct 2006
Posts: 8973
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
D-Link router

Quote:
It turned out that just by setting a browsers user-agent to 'xmlset_roodkcableoj28840ybtide' anyone can remotely bypass all authentication on D-Link routers.

http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/
read backward
xmlset_roodkcableoj28840ybtide
edit by 04882 joel backdoor _ teslmx

Quote:

Based on the source code of the HTML pages and some Shodan search results, it can be reasonably concluded that the following D-Link devices are likely affected:

DIR-100
DI-524
DI-524UP
DI-604S
DI-604UP
DI-604+
TM-G5240
Additionally, several Planex routers also appear to use the same firmware:

BRL-04UR
BRL-04CW


waiting for tp-link backdoor exploits. Cool
Post 14 Oct 2013, 20:25
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
Yeah... now computer viruses will have the ability to hijack your router, open firewall ports etc....

I mean it's that simple, make a trojan horse with a network scanner. Scan for the router, and send all kinds of HTTP requests to control the router.

I have a different router and I made a simple little program in VB.NET that notified me whenever a device was connected on my network. But of course I had to put the router's pwd in.
Post 14 Oct 2013, 20:57
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8973
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
i wonder wouldn't router simple mac address scan match prevent such approach? (assume user haven't connected to network)

typedef, what is the brand and model router you are using?
or your .net program logs into router page and do a loop interval refresh update on current connected list?
Post 15 Oct 2013, 02:49
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17347
Location: In your JS exploiting you and your system
revolution
MAC address filtering is not a way to stop infiltrators. MAC addresses are not immutable, they are arbitrary.
Post 15 Oct 2013, 04:02
View user's profile Send private message Visit poster's website Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
sleepsleep wrote:
i wonder wouldn't router simple mac address scan match prevent such approach? (assume user haven't connected to network)

Nope. The MAC address will of that same computer that is infected. The router won't know if it's infected or not. Like revolution said, basically they can be spoofed.

sleepsleep wrote:
typedef, what is the brand and model router you are using?
or your .net program logs into router page and do a loop interval refresh update on current connected list?

2Wire 2701HG-B Gateway.

I had a thread that logged in to the router after a certain amount of time yes. I used .NET because I needed it quickly.

Another way if you don't want to "query" the router is to scan your way through all the I.P addresses. But first you must obtain your host address on that network.
Post 15 Oct 2013, 07:17
View user's profile Send private message Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr
well. im not sure what yall talking about but. obviously, one can make a secret key hardware communicator network sheez, with all the living places and sheet protected from hacking, and so on. well, but u need an economy.. at least raw materials and whatnot... and also always at least when there is problem should consider the "god" above your or such (or a possible god).
more precisely, we can make a good system.. we can manipulate behavior of individuals growing up there so, that they grow up with good personality. this can be achieved without fearconditioning.
Post 15 Oct 2013, 15:43
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8973
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
Quote:

"TrueCrypt has been part of security-minded users' toolkits for nearly a decade — but there's one problem: no one has ever conducted a full security audit on it. Now Cyrus Farivar reports in Ars Technica that a fundraiser reached more than $16,000 in a public call to perform a full security audit on TrueCrypt.



Quote:

The Ubuntu Privacy Group says the behavior of the Windows version [of Truecrypt 7.0] is problematic. 'As it can't be ruled out that the published Windows executable of Truecrypt 6.0a is compiled from a different source code than the code published in "TrueCrypt_7.0a_Source.zip" we however can't preclude that the binary Windows package uses the header bytes after the key for a back door.'


status unknown
this could be really serious if there really a or backdoors there.

http://arstechnica.com/security/2013/10/new-effort-to-fully-audit-truecrypt-raises-over-16000-in-a-few-short-weeks/
Post 16 Oct 2013, 18:03
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
Yeah to those that use it.
Post 17 Oct 2013, 02:53
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8973
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

getting into more advance way of penetration,
hijack processor through ultrasound,

if this is true, gonna be extremely nasty!!!
then we need to build our own processor, board, ram and everything,,, Laughing
Post 01 Nov 2013, 08:48
View user's profile Send private message Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr
not only so. but also building shielding and building the constructs as well. that is because everything in fact all civilian is at least under log and under some watch. everything. not only those on computers but the movements on the surface.

i have calculated compared to all the civilian shit with cameras and so on getting handed to civilians etc etc.. and what i find it is completely unlikely that they dont build such up the skyes or in outerspace or so.

The evil is the system, the Nortk Koreans may still mean a hope. the control groups are as a matter of fact evil.

any stupid halfassed informatitican/electrician can see that jsut 1 or 2 person.. not much needed to have everything under control by a robotic army.. and then have the people be modified in modified environments to be good. although. humans are mostly stupid.. indeed, the beings created in experiments such as greys or reptilians, or whatever they call themselves. they are more intelligent. so replication of humans at least is unnecessery, its a human matter however.. they only care that these corrupts dont have power without check.. hmmm they would have destroyed the humans perhaps already? this means its under check. or made them dumb biologically? highly plausible.. then i can think that actually the smarter humans are genetic alterations, they look human, and are intended to be smarter then greys or reptilians or so, at least on some areas.
they would have done it in a different manner however.
that is.. as bioligcal bodies are exposed to manipulaion, then obviously it is already lost .. so they wouldnt harm their subjects in such ways.
and if they as themselves dont completley understand their creation, then the creation is bound to be subordinate, so there is again no need for harm, just make them educated in good envionrment and do research.

anyway.. again.. there is no need for many programmers/electricians, to build and control the army of robots, and so.. wich can be used in a simple way to make things better.

if humans are made stupid.. then y not made also infertile. no need to replicate.. perhaps someone is watching, farther away, so make it look like no sudden change? wont lack of logical development of technology be apparent to these outsiders? if u look at systems of society and management, it is all very shit. u can see this immedietly.
Post 01 Nov 2013, 11:28
View user's profile Send private message Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr
ultrasound? is very strange. not a chance a processor would be hijacked this way.

but u trust nothing. for one, the os have standard shitt needed to be there. why does it need to be on the background storage thingy? why not placed in a hackproof processor for instance? it was intended from begining a way such that bloated os has many errors created for backdoors u know where are the errors u break in.. they know it.. hence. .... etc etc.
Post 01 Nov 2013, 11:29
View user's profile Send private message Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr
u should not even try to pursue all the backdoors due to the large amount of bloat.. and perhaps,, one can procedurally create some backdoor things. one have to interpret code.. and perhaps do this in runtime, and perhaps many things interfaces wich are human response time, can have overbloated under the cover of antihack measures, that is, this code even can be encrypted so the part of the code where there is the decryptor must run. and only after may the code be decyphered. and there might be many spots so u dont find all of it. and what do u do if u find one? u dont have guns.. u have nothing.. tell it to the police, and they wont give a shit.. they have the guns to protect the wish of their superiors or their own etc etc.
Post 01 Nov 2013, 11:35
View user's profile Send private message Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr
consider just this about the police: they have limited numbers but high for one person to be able to verify the personally. so thus.. all the individuals can receive even from young developmental phases the training of the police, only they might not use it so actively perhaps.. or do it in shifts.. yes? logical.. so how come yet the police have limited numbers?
Post 01 Nov 2013, 11:39
View user's profile Send private message Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr
how come they make laws that civilians may not carry weapons? even some ridiculously simple weapons.
Post 01 Nov 2013, 11:40
View user's profile Send private message Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr
how come media specifically aimed at displaying police as cool or trustable? what would make the police seem untrustable without such media? for example corrupt police, but if corruption is possible, then it doesnt help if u educate the masses to trust police. hence it is a cooperation. international police something striving to get more influence along with a few other individuals. so to speak a gooup is striving to acquire influence with great overlap with the police.
Post 01 Nov 2013, 11:43
View user's profile Send private message Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr
how come everyone is being followed and such let to happen? because those watching are evil.. and they create lack if they notice lack is not present. they believe it is a driving force, but for not too long. because they will suffer the associated damages not only the masses will suffer it.
Post 01 Nov 2013, 11:45
View user's profile Send private message Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr
long live Kim Jong Un and the communist democratic state of North Korea.
Post 01 Nov 2013, 11:45
View user's profile Send private message Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr
besudes we have to aid their progress if we can, but not with innovation, but with creating better models. just for lower animals, as the main progress i believe is done by superior intelligence.
Post 01 Nov 2013, 11:55
View user's profile Send private message Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr
i just dont understand, then if existent and here why dont they simply put down all the manipulators who create evil? this would be by far the simplest. and they then just replace them with a few kinds ones, also little bit of energy only.
hmm

well for a perspective:
u need to look for the scientists and ask for explanation, and look for the equipment, these who creat efficient food. then u need food production systems some energy production systems, survaivalance of movement, architecture similar to prison so that the humans cannot harm others, simple education, then repurposable architecture in case the humans decay and die out eventually with aging (so other thigns can occupy the space where they lived earlier).
also higiene system there is not too many things to automize. then u do drilling, and as u find obstacle or higher intelligence, u can arrange and decide wich one continuing research.. although of course in all intellgience levels i can from my perspective imagine they can be also evil.. so maybe they are evil.

well my point is: form a logical standpoint, it is very simple to make automized thingy.. so that humans can have a good standard of living and that corruption is not possible. and a few individuals needed as overseers, planners and designers of the automatic systems. Of course this is obvious from quite some time as long as informatics were considered. even from very early times.

well u had no option to process information some time ago.. u could make something with mechanics.. but it is very large. .. because it had to move sideways as well and so on when it switches. and it would corrode faster. still since u could have people born into prisons with walls, only to provide a good enviornment not to torture them.. they just cant move away then then u got a key.. and u put the people into the machine wich they can use to make things.. and lock them there.. so they must return after propper construction.. construction takes some time anyway.. (when they wander out to construct things back in the old days). so by logic u dont even needed much,.. also this architecture would reduce chance for epidemics.. or perhaps eliminate from quite some time ago.
Post 01 Nov 2013, 11:56
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8973
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
adobe hacked,
my email was inside, damn it.

http://www.theguardian.com/technology/2013/nov/07/adobe-password-leak-can-check

but i don't use same password, now that mail account cannot log in anymore.
Post 09 Nov 2013, 15:12
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page 1, 2, 3, 4, 5  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.