Security News #0x4D
- There is a new privilege escalation exploit circulating for Linux. CVE 2013-0268 affects kernels prior to 3.7.6; the issue is with the /dev/cpu/*/msr subsystem. SecurityFocus has PoC exploit code, but I could not get it compiled. Such are the tribulations of a Saturday morning!
- The folks at Sekurak have found some interesting vulnerabilities in HP LaserJet printers. Apparently they leak sensitive configuration details (like the administrator password) on publicly accessible web pages. Whoopsie!
As you might expect, Metasploit is working on a module. I wanted to give the current version of the module a spin, but it is not yet part of Kali. I grabbed the code from GitHub and dropped it into my Kali (with the clever name test) but the exploit failed.
    msf exploit(test) >
    [-] 10.0.2.201 test - Windows XP not found, sending 404: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0
    [-] 10.0.2.201 test - Windows XP not found, sending 404: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0
For now at least, the module requires Windows XP, and I did not have the time to break one of those antique VMs out of storage. Perhaps next week….
The underlying vulnerability that started all of this is CVE 2013-1690.
- Tim Medin has a great piece on how to use psexec to bypass UAC.
- A new version (0.63) of PuTTY has been released to patch some security holes.
- And since we are mentioning security tools with holes, note also that NetworkMiner 1.4.1 is vulnerable to multiple attacks as well.
- Did you know that Wireshark can decode TLS/SSL traffic?
- We all know that Metasploit likes to migrate off into notepad.exe processes. Well, Raphael Mudge of Armitage fame discusses some of the consequences of that choice. For example, what would happen if some clever student removed notepad.exe from the target? Then what?
- Did you know that it is trivial to recover passwords stored in Chrome? Me neither!
- Are you interested in learning how to obfuscate Java code? Khai Tran has a tutorial on Java obfuscation techniques using Klassmaster.
- Infobyte has a nice piece on hacking a Lexmark N4000e Print Server.
- The MIT Technology Review reports that the Chinese group APT1, aka CommentCrew, was found hacking into Kyle Wilhoit's honeypot, which was set up like a local water authority.
- CyberArms reports on a hack presented at OHM 2013, where an unnamed hacker was able to maintain access to a system after it was wiped by first modifying the firmware of the hard drive. You can find the technical details at SpritesMods.
- There is a problem with Windows phones; if the phone connects to a (rogue) access point, then the user’s domain credentials might be recoverable.
- Threatpost reports on unpatched vulnerabilities in the Cisco TelePresence system.
- From the "I can’t believe it" files, it turns out that some Xerox photocopiers will occasionally change numbers in copies, changing a six into an eight, for example.