19 April 2020

Security Surprises On Firefox Quantum

This morning I've found an scaring surprise on my Firefox Quantum. Casually it was connected to a proxy when an unexpected connection came up, the browser  was connecting to an unknown remote site via HTTP and downloading a ZIP that contains an ELF shared library, without any type of signature on it.

This means two things

1) the owner of that site might spread malware infecting many many people.
2) the ISP also might do that.


Ubuntu Version:


Firefox Quantum version:



The URL: hxxp://ciscobinary.openh264.org/openh264-linux64-0410d336bb748149a4f560eb6108090f078254b1.zip




The zip contains these two files:
  3f201a8984d6d765bc81966842294611  libgmpopenh264.so
  44aef3cd6b755fa5f6968725b67fd3b8  gmpopenh264.info

The info file:
  Name: gmpopenh264
  Description: GMP Plugin for OpenH264.
  Version: 1.6.0
  APIs: encode-video[h264], decode-video[h264]

So there is a remote codec loading system that is unsigned and unencrypted, I think is good to be aware of it.

In this case the shared library is a video decoder, but it would be a vector to distribute malware o spyware massively, or an attack vector for a MITM attacker.




Read more
  1. Hacking Tools Pc
  2. How To Make Hacking Tools
  3. Free Pentest Tools For Windows
  4. Best Hacking Tools 2020
  5. Hacking Tools Free Download
  6. Tools For Hacker
  7. Hacking Tools Github
  8. Hacker Tools List
  9. Underground Hacker Sites
  10. Hacking Tools For Kali Linux
  11. Pentest Tools Open Source
  12. Best Hacking Tools 2019
  13. Tools Used For Hacking
  14. Hack Tool Apk
  15. Nsa Hacker Tools
  16. Hacker Search Tools
  17. Pentest Reporting Tools
  18. Growth Hacker Tools
  19. Hacker Tools Hardware
  20. Free Pentest Tools For Windows
  21. Physical Pentest Tools
  22. Pentest Tools Apk
  23. Hack Tools 2019
Posted by ISMP (International School of Motion Pictures) at 5:05 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)