viernes, 2 de junio de 2023

Security Surprises On Firefox Quantum

This morning I've found an scaring surprise on my Firefox Quantum. Casually it was connected to a proxy when an unexpected connection came up, the browser  was connecting to an unknown remote site via HTTP and downloading a ZIP that contains an ELF shared library, without any type of signature on it.

This means two things

1) the owner of that site might spread malware infecting many many people.
2) the ISP also might do that.


Ubuntu Version:


Firefox Quantum version:



The URL: hxxp://ciscobinary.openh264.org/openh264-linux64-0410d336bb748149a4f560eb6108090f078254b1.zip




The zip contains these two files:
  3f201a8984d6d765bc81966842294611  libgmpopenh264.so
  44aef3cd6b755fa5f6968725b67fd3b8  gmpopenh264.info

The info file:
  Name: gmpopenh264
  Description: GMP Plugin for OpenH264.
  Version: 1.6.0
  APIs: encode-video[h264], decode-video[h264]

So there is a remote codec loading system that is unsigned and unencrypted, I think is good to be aware of it.

In this case the shared library is a video decoder, but it would be a vector to distribute malware o spyware massively, or an attack vector for a MITM attacker.




More information

  1. Hacker Tools For Windows
  2. Hacker Tools Free Download
  3. Hacker Tools For Mac
  4. Hack Tool Apk
  5. Hacking Tools For Pc
  6. Pentest Recon Tools
  7. Pentest Tools Url Fuzzer
  8. Hacker Tools 2019
  9. Hackers Toolbox
  10. World No 1 Hacker Software
  11. New Hack Tools
  12. Underground Hacker Sites
  13. Pentest Reporting Tools
  14. Hacker Tools Online
  15. Nsa Hack Tools
  16. Usb Pentest Tools
  17. Pentest Tools Linux
  18. New Hacker Tools
  19. Nsa Hacker Tools
  20. Pentest Tools Android
  21. Pentest Tools Website Vulnerability
  22. Pentest Tools Website Vulnerability
  23. Hacking Tools Download
  24. Hack App
  25. Hacking Tools For Games
  26. Hacker Tools For Ios
  27. Hacker Tools Hardware
  28. Black Hat Hacker Tools
  29. Pentest Tools Nmap
  30. World No 1 Hacker Software
  31. Hacker Tools
  32. Hacking Tools Windows 10
  33. Underground Hacker Sites
  34. Tools Used For Hacking
  35. How To Make Hacking Tools
  36. Kik Hack Tools
  37. Pentest Tools Find Subdomains
  38. Hacker Security Tools
  39. Nsa Hack Tools Download
  40. Blackhat Hacker Tools
  41. Bluetooth Hacking Tools Kali
  42. Hacker Tools Software
  43. Hack Website Online Tool
  44. Pentest Tools Free
  45. Hacking App
  46. Pentest Tools
  47. Hacker Tools For Mac
  48. Hacking Tools 2019
  49. Pentest Tools Alternative
  50. Underground Hacker Sites
  51. Hacker Tools Linux
  52. Kik Hack Tools
  53. Hacker Tools Apk Download
  54. New Hacker Tools
  55. How To Install Pentest Tools In Ubuntu
  56. Hack Tool Apk No Root
  57. Pentest Tools Website
  58. Hacker Tools Software
  59. Pentest Tools Alternative
  60. Termux Hacking Tools 2019
  61. Hack Tool Apk
  62. Hack Tools Download
  63. Pentest Tools Android
  64. Pentest Tools Review
  65. Pentest Tools Nmap
  66. Hack Tools Mac
  67. Hacker Tools Windows
  68. Pentest Tools For Android
  69. Hacking Tools For Games
  70. Game Hacking
  71. Pentest Tools Online
  72. Hack Tools Download
  73. Hacking Tools Free Download
  74. Hacking Tools Usb
  75. Hack Apps
  76. Hacking Tools
  77. Hacker Tools Software
  78. Wifi Hacker Tools For Windows
  79. Pentest Tools Download
  80. Hack Rom Tools
  81. Hackrf Tools
  82. Hacker Search Tools
  83. Hacking Tools Software
  84. Pentest Tools For Mac
  85. Hacker Tools For Ios
  86. How To Hack
  87. Usb Pentest Tools
  88. Hacker Tools 2020
  89. Hacker Tools Windows
  90. Pentest Tools Website
  91. Hacking Tools For Windows Free Download
  92. Hacker Tools 2019
  93. Hacker Tool Kit
  94. Pentest Tools Subdomain
  95. Hacker Tools Free Download
  96. Hacker Tools Github
  97. Hacker Search Tools
  98. Hacking Tools For Kali Linux
  99. Pentest Tools Website
  100. How To Make Hacking Tools
  101. Bluetooth Hacking Tools Kali
  102. Pentest Tools Nmap
  103. Hacker Tools Linux
  104. Pentest Tools
  105. Hack Tools Online
  106. Computer Hacker
  107. Hacks And Tools
  108. Hack Rom Tools
  109. Hacking Tools For Windows
  110. Beginner Hacker Tools
  111. Hacking Apps
  112. Best Hacking Tools 2020
  113. Pentest Tools For Ubuntu
  114. World No 1 Hacker Software
  115. Pentest Tools Apk
  116. Pentest Tools For Android
  117. Pentest Tools Github
  118. Pentest Tools Open Source
  119. Hacker Tools Linux
  120. Pentest Tools Review
  121. Hack Tools 2019
  122. Hack Tools For Ubuntu
  123. Nsa Hack Tools Download
  124. Pentest Automation Tools
  125. Computer Hacker
  126. Bluetooth Hacking Tools Kali
  127. Best Hacking Tools 2019
  128. Beginner Hacker Tools
  129. Hacking Tools 2019
  130. Hacking Tools For Mac
  131. Hacker Hardware Tools
  132. Kik Hack Tools
  133. Hack Tools Download
  134. Pentest Tools Website Vulnerability
  135. Hack Tools
  136. Pentest Automation Tools
  137. Hacker Tools Free Download
  138. Hacking Tools Windows
  139. Pentest Tools Apk
  140. Blackhat Hacker Tools
  141. Hack Tools For Windows
  142. Hacking Tools Name
  143. Hack Tools Download
  144. How To Install Pentest Tools In Ubuntu
  145. How To Install Pentest Tools In Ubuntu
  146. Hacker Tools Mac
Publicado por en

No hay comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)