今晨,著名黑客组织milw0rm的成员seer[N.N.U]已开发出针对“绿坝”的攻击代码,并提供下载。该攻击代码利用了“绿坝”的一个栈溢出漏洞。目前该攻击代码已有绕过Windows Vista操作系统的DEP和ASLR安全机制的能力。这将对安装有“绿坝”软件的用户造成巨大的威胁。理论上,黑客继续开发该攻击代码,以盗窃“绿坝”用户的网上银行密码、QQ、MSN等其他工具的密码只是时间问题。到目前为止,“绿坝”的开发商尚未对此漏洞进行修补。考虑到该安全漏洞的严重性,请“绿坝”用户立即卸载该软件,并安装其他具有安全资质公司的开发的防火墙软件。附:该攻击代码的说明和下载页:
http://milw0rm.com/exploits/8938
Green Dam remote buffer overflow exploit
"Green Dam" is a software used for monitoring and anti-pornography, popularizing by
Chinese goverment. After July 1st, it will be forced to install on all new Chinese PCs.
Now it already has 50 million copies in China.
In order to monitor the URL that user is exploring, Green Dam injected the browser
process. When Green Dam is trying to handle a long URL, a stack overflow will occur in the
browser process.
This exploit can be used for exploitation on IE, on those computers installed Green Dam.
I used the .net binary to deploy shellcode, for it`s more stable than Heap Spray, and able
to bypass DEP and ASLR on Vista.
The exploit page contains a .net control, so it should be published on IIS.
---seer[N.N.U]
http://milw0rm.com/sploits/2009-green-dam.zip
发表评论 点击获得Trackback地址