[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Sending spam via sites and creating spam-botnets
- To: MustLive <mustlive@xxxxxxxxxxxxxxxxxx>, "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Sending spam via sites and creating spam-botnets
- From: "McGhee, Eddie" <Eddie.McGhee@xxxxxxx>
- Date: Wed, 21 Jul 2010 08:14:46 -0400
POC?
-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of MustLive
Sent: 20 July 2010 19:51
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Sending spam via sites and creating spam-botnets
Hello participants of Full-Disclosure!
In continue to my last month's article Using of the sites for attacks on other
sites and my previous article about creating of botnet from zombie-servers and
program DDoS attacks via other sites execution tool (DAVOSET), I want to draw
your attention to another aspect of Abuse of Functionality vulnerabilities. At
the end of last week I wrote new article Sending spam via sites and creating
spam-botnets (http://websecurity.com.ua/4382/). Which I'll tell you briefly
about.
Similarly to using of the sites for attacks on other sites via Abuse of
Functionality vulnerabilities, it's also possible via Abuse of Functionality to
use sites for sending spam.
There are many such vulnerabilities in Internet, which I wrote about many
times, as vulnerable sites, as vulnerable plugins (which used at many sites).
So many sites can be used for sending spam.
Using of Abuse of Functionality for sending spam.
Researching of such vulnerabilities I begun already in 2007. From that time I
found many web sites with such vulnerabilities and also vulnerable plugins for
popular web applications. Particularly such plugins as WP-ContactForm for
WordPress, Contact Form ][ for WordPress and com_alfcontact for Joomla.
Creating of spam-botnets from sites.
Similarly to tools for conducting of DDoS attacks via Abuse of Functionality
vulnerabilities, as for example DAVOSET, in exactly the same way the tools for
mass spam sending can be created. Via multiple Abuse of Functionality
vulnerabilities at different sites. I.e. these vulnerabilities can be used for
creating of spam-botnets with zombie-servers. And taking into account that spam
will be sending from servers of well-known companies, then very likely that
these letters will bypass spam-filters.
Taking into account widespread of Abuse of Functionality vulnerabilities at the
sites, which allow to send spam, and ignoring of sites' admins of this problem,
it's actual. And taking into account that network from these zombie-servers can
be created without wasting of resources (including financial), as it occurs in
classical botnets, then this type of botnets is very profitable from financial
side. So with time spammers can draw attention at this method of sending spam
and at this type of spam-botnets.
P.S.
If your site will be DDoSed from Google's servers or you will receive spam from
IBM's servers, than you will be knowing what type of botnets it is.
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/