
Java Exploit

Name: Anonymous 2010-04-16 10:45

Name: Anonymous 2010-04-16 10:50

Name: Anonymous 2010-04-16 10:58

That's curious.  I tried to do an update but the installation failed due to a file "awt.dll" not having matching content.

Online suggestions say to do a full reinstall of Java to get around this.

Name: Anonymous 2010-04-16 11:25

Name: Anonymous 2010-04-16 11:34

>>4
// Bonus Vulnerability, why not downgrade victim to a JRE vulnerable to
// this classic exploit?
// http://sunsolve.sun.com/search/document.do?assetkey=1-66-244991-1
// o.installJRE("1.4.2_18");


Ah, NoScript.  Also, been ages since I've had to download a plug-in to do anything.
The uninstall/reinstall workaround for updating to "_20" does work as prescribed.

Name: Anonymous 2010-04-16 13:31

We are seeing many malicious with file names like "test", or
placed in folders named "test". This leads us to think the
attackers are still preparing and testing their attack.

Pretty clever

Name: Anonymous 2010-04-16 20:22

lol java

Name: Anonymous 2010-04-16 20:31

>>5
So you need NoScript to prevent commented lines from executing, right?

This just goes to show that all NoScript users are as idiotic as its creator.

Name: Anonymous 2010-04-16 21:23

>>6
I don't know how to interpret that, except on the level reported.

I've seen malicious files named 'test' lying around on servers (usually in /tmp or /dev if possible, though noexec has stifled that.) These are payload injection scripts, and are either named as such to avoid scrutiny (my assumption at the time: admins are often stuffing 'test'-named files in random places for whatever reason) or it is entirely possible that intruders are simply using the unvarnished proof of concept code built by whoever, modified just enough to get the job done, which hadn't occurred to me. (I know that isn't the rule: I've found spam mailers with DRM. Of course it still has to execute without accessing a licensing server, so there's always a way to get at the code.)

So that's my take on what's going on. It excludes the conclusions drawn in the quote, which is to say that this isn't how things are done (not in the professional spammer/botnet world anyway.) That could well be a limitation of my experience but I still don't trust the conclusion without deeper inspection of the underlying dynamics of the situation.

Name: Anonymous 2010-04-16 23:40

Good thing I don't have any of that Javashit installed on any of my systems.

Name: Anonymous 2010-04-16 23:48

>>10
The usual vector for these exploits to get onto servers is badly written PHP (in case you run any web servers.) The payload is, in this case, Java, but could be anything depending on the exact goals. Java has a far better track record than most other things (esp. PHP and/or use of MySQL databases, or anything else written by a moron.)

Name: Anonymous 2010-04-16 23:59

>>11
Good thing neither of my servers have PHP installed either.
Or MySQL, for that matter.

Name: Anonymous 2010-04-17 0:50

>>8
I know what NoScript does.  You just randomly calling people idiotic because the first part of their post expresses a concept different from the second part of their post is much more worrisome.  For your benefit from now on I will include a transition paragraph just to make sure you know I am changing the topic about which I am talking if I wish to make this change within the same post.

Name: Anonymous 2010-04-17 1:06

>>13
You'd think a regular /prog/rider would know when he's being trolled.

Name: >>9,11 2010-04-17 1:08

>>12
Congrats.

Name: Anonymous 2010-04-17 1:10

>>14
Yes, you'd think that.

Name: Anonymous 2010-04-17 2:05

so, how long will it take for someone to figure out how to use this to replace people's screensavers with http://www.youtube.com/watch?v=dQw4w9WgXcQ?

bonus points if it works on windows and linux.

even more bonus points if someone manages to get it onto /b/.

Name: Anonymous 2011-02-04 12:51

Name: Anonymous 2011-02-04 14:29

Name: Anonymous 2011-02-17 20:17

that's cool and all, but check 'em

Name: Anonymous 2013-08-31 17:02


now the question is, is it going to end like Bokurano (unlikely) or Mai-Hime(much more likely)?

Name: Anonymous 2013-08-31 18:33


I think one of the momusus (excluding Sayu) should develop a mean and bitchy persona for variety. Not half-assed shit though, like really sharp-witted. Not against the other girls though, just against everyone else. Had I not known how Ayumi is I'd think she'd be perfect for that.
