Milw0rm is finally back with some new interesting informations and exploits , one of then is Firefox 3.5 Zero Day exploit! the exploit has been published on milw0rm yesterday. The firefox 3.5 zero day exploit itself simply demonstrates a security vulnerability that existed on firefox 3.5 by loading windows calculator. The most preventive way to take is by disabling javascript on firefox 3.5 , otherwise your pcs might get infected!

Excerpt :

The exploit portal Milw0rm has published an exploit for Firefox 3.5. The exploit demonstrates a security vulnerability by starting the Windows calculator. In testing by heise Security, the exploit crashed Firefox under Vista, but security service providers Secunia and VUPEN confirmed that attackers using prepared websites can infect PCs. The cause of the problem is a buffer overflow when processing specially prepared Font tags.

The Mozilla Foundation has been informed about the problem, but so far has not responded to queries by heise Security. An update does not currently exist. So far there are no reports of sites on the internet being first to use the hole for active infections and exploitation of Windows PCs. Since the published exploit uses PC heap spraying under JavaScript, disabling JavaScript should act as a stop gap. When the exploit was tested with Windows 7 RC1, after a short time, the browser displayed a dialogue offering to abort the script.

Download firefox 3.5 zero day Exploit : http://www.milw0rm.com/exploits/9137

Related articles :

• Highly Critical Security Vulnerability Found in Firefox 3. (mashable.com)
• Firefox 3.5 vulnerable to critical Javascript attack (macworld.com)
• Firefox users: critical security vulnerability (consumingexperience.com)

Firefox is known as the most used web browser in the world. But only few people know how malicious code can be embedded in your Firefox without Antivirus or Firewall even notice it. In this case, You’re about to see how powerful Firefox keylogger addon is. Its ability to log the keystrokes whenever a victim type something within his browser is the main fun part of this firefox keylogger addon.

Here’s the short excerpt taken from the artile written by armando romeo :

My small POC consists of a keylogger written in javascript and embedded into Firefox browser in form of extension. This code can be injected into any known/famous addon without even noticing it since it creates no warnings at Antiviruses (it’s just legal javascript) and no warning from Firewalls since the logs of the keystrokes are sent through Firefox on port 80 to a malicious server.
Firewalls allow Firefox on port 80 if you want to browse the internet, so no way to understand what’s going on under the hood unless you track all the packets going out of your internet interface. The POC is an installable extension that once installed it doesn’t add anything to the Firefox appearance.

Get it here : http://www.hackerscenter.com/public/Firefox_poc/poc_keylogger.zip
More information :
http://blogs.hackerscenter.com/2008/04/firefox-addons-threat.html

The addon which is used in the video might not related to the firefox keylogger addon created by armando , but it’s still nice to watch anyway. So here’s the firefox keylogger addon video :

Firefox Keylogger from Jabra on Vimeo.

Related articles :

• Orange UK exiles Firefox from call centers (theregister.co.uk)
• Mozilla To Launch “Build Your Own Browser” (tech.slashdot.org)
• Mozilla to let enterprise users build custom Firefox-based browsers (downloadsquad.com)

If you’ve read my previous post about hacking myspace account using keylogger on ‘myspace account hacking – does your wife cheat on you?’ , the same thing can also be implemented in hacking into facebook account by using more advanced keylogging method like javascript keylogger. Hack Password Facebook with javascript keylogger can be achieved by combining those both XSS vulnerabilities and Javascript Keylogger itself. Facebook was vulnerable to some XSS back then , this hole can be a good opportunity for intruders to infect a lot of facebook members with their web malware , including javascript keylogger ! And of course by keylogging , intruders can retrieve those facebook users ’s password easily , and then extend their hack into hack facebook profiles , etc

A good implementation of javascript keylogger can be found on http://www.xssed.com/article/25/Paper_Smashing_the_Web_for_fun_&_profit_using_XSS/. Exceprts :

Introduction

This article is dedicated to all this people that believe XSS is not a serious Web application vulnerability. Using XSS vulnerabilities someone can actually make lots of money. I don’t have any responsibility how this knowledge is going to be used, this article was created at of love of hacking and not to hack other people sites. Recently I became very interested to XSS and decided to write an article that fully explains how to inject a JavaScript key logger, and by saying fully explain I mean describe in full detail how can someone perform XSS filter invasion and run my JavaScript key logger in order to steal user names, passwords and user credentials. The scary part is that you don’t have to be a JavaScript expert to write effective JavaScript malicious code, you just have to have a good understanding of the Web. In the following article I provide the reader with two flavors of practically the same JavaScript key logger.

In order to understand this article you have to know:

1. How to write Html web forms (look at [4]).
2. How to write Javascript DOM objects (look at [3]).
3. Basic functionality of Http protocol (look at [1]).
4. Understand JavaScript what obfuscation is (have a look at [5]).
5. Understand how to use Burp Suite1.1 (look at [6]).

The functionality of your XSS

Before you exploit an XSS someone has to understand what is the functionality a XSS exploit should have. By saying functionality I mean what is the reason of your XSS, e.g. to deface a website, to cause a redirect or to steal user credentials (something that is the most interesting!!). In our situation we have to think about writing a key logger XSS. So that is why we have to make some thoughts about what is a log-in page form, from the user perspective, for example what is the average user name and password length? And how fast the an average user is typing? We are going to use this information to build up two flavors of JavaScript key loggers that run in IE, Firefox, Opera and Netscape. So our program is going to steal the user credential based only on time (e.g. auto execute after certain amount of time) or based only on password length (e.g. auto execute after the user types 5 characters) or based on both time and password length (e.g. maybe perform some character mapping, like check if Enter or Tab buttons have been pressed).

You can also read insanesecurity’s article to extend your understanding of userscript keylogger.

Random articles :

• Thwart password-hungry keyloggers with a Greasemonkey script
• Harmful Spyware and their stealthier means
• Keyboard “eavesdropping” just got way easier, thanks to electromagnetic emanations

Image via Wikipedia

Fifrefox Security Addons are some firefox addons which have some special purpose like web application pentesting , web browser security enhancement and so on. I’m going to give you a list of Firefox security addons that you must have on your firefox browser

So here they are :

1. Firebug

This addon can be useful  to debug your javascript,css,html from your firefox browser. Download Firebug : https://addons.mozilla.org/en-US/firefox/addon/1843

2. Hackbar

A very useful firefox security addon to effectively launch some penetration testing to web application (sql injection,xss and more) it supports md5 , base64 . mssql char and so on . Download Hackbar : https://addons.mozilla.org/en-US/firefox/addon/3899

3. Anonymouser

This firefox addon will be useful to anonymously open a link (by using anonymouse.org proxy). Download Anonymouser : https://addons.mozilla.org/en-US/firefox/addon/1415

4. User Agent Switcher

This will be useful to hide your User Agent . Download User Agent Switcher : https://addons.mozilla.org/en-US/firefox/addon/59

5. Modify Headers

Easily modify your http header Download Modify headers addon : https://addons.mozilla.org/en-US/firefox/addon/967

6. XSS-me

By using XSS-me , you will be able to do a xss pentest easily. Download XSS-me : http://www.securitycompass.com/exploit_me/xssme/xssme-0.2.1.xpi

7. Sql-inject-me

Same as the addon aboce , but it’s specialized in sql injection attack. Download sql-inject-me : http://www.securitycompass.com/exploit_me/sqlime/sqlime-0.2.xpi

Related articles :

• Firefox Download Day
• I Stop Using Firefox 3
• Search Engine Optimization Services – Then and Now