|
-
May 6th, 2008, 02:41 PM
#1
Buying the Pharm
What happens when Javascript and the Windows hosts file collide...
Simple Pharming - 0x000000 The Hacker Webzine
There is so much you can do with Javascript that the best way to describe the toxic mix of browser exploits with Javascript will be an example to launch a pharming attack. The sheer beauty of pharming is that the surfer will almost never know that he has been compromised, because it is very silent. One way of quickly pharm surfers is to modify the hosts file on Windows.
Read the rest for the sample code. Firefox + NoScript for me, thanks.
-
May 6th, 2008, 04:13 PM
#2
Something I don't understand there. They're instantiating an ActiveX object . Wouldn't that be blocked by most people's security settings these days? I know it would be by mine.
-
May 6th, 2008, 04:32 PM
#3
Spybot Search & Destroy. Go to the "tools" section, you can inspect what is in your hosts file.
If you select "IE Tweaks" there is also an option to lock the hosts file as read only.
Like phernandez I generally use FF with "noscripts". My IE is set to ask permission before running ActiveX I cannot remember what the default is though?............... probably to run them?
-
May 6th, 2008, 04:46 PM
#4
Not anymore, it used to be the default but it hasn't been for a few years now. I actually have ActiveX disabled entirely so it would never be a problem for me, but I believe the newer security settings of several years ago prohibited JavaScript from accessing the file system object entirely, unless you expressly alter the settings to allow it.
-
May 6th, 2008, 04:52 PM
#5
Doesn't that cause a problem with MSUpdate?
-
May 6th, 2008, 04:59 PM
#6
In my browser, I can enable/disable most anything with 2 clicks on the toolbar, globally or on a per tab basis, so I don't have to worry bout that.
-
May 6th, 2008, 05:57 PM
#7
I am pretty sure you need admin privledges to edit a host file.
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
May 6th, 2008, 06:36 PM
#8
Member
 Originally Posted by morganlefay
I am pretty sure you need admin privledges to edit a host file.
MLF
I can't test this now (at work, with admin priveleges) but I believe anyone can open host in notepad, make changes then save.
*Edit*
Found a page that said admin required for Vista. Don't believe XP required this.
Learn something new everyday =)
Tachyon
|-----|Alcohol is my anti-drug |-----|
-
May 6th, 2008, 06:50 PM
#9
In XP I can edit it as I please, haven't tried Vista though...
-
May 6th, 2008, 06:52 PM
#10
Yes, that's how I understand it.............. only Vista needs admin, that is why it could be an issue because malware and rogue websites can hijack it in other versions of Windows.
ZoneAlarm Pro, Spybot S&D and WinPatrol all have the capability of locking the file 
Similar Threads
-
By Raion in forum Hardware
Replies: 23
Last Post: March 19th, 2006, 04:35 AM
-
Replies: 2
Last Post: October 8th, 2005, 05:54 PM
-
By Black Cluster in forum Miscellaneous Security Discussions
Replies: 0
Last Post: June 9th, 2005, 09:25 PM
-
By inf0streaker in forum AntiOnline's General Chit Chat
Replies: 4
Last Post: January 19th, 2004, 03:32 AM
-
Replies: 10
Last Post: January 21st, 2003, 02:11 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
