
Re: [Full-disclosure] Multiple vulnerabilities found in NSA website



The US is spying on us... Huh? Why didn't you tell us before!

http://www.youtube.com/watch?v=8JCVucx5HzI

Greetz: jimjones, matt, scut of teso:))

Kcrookie

On 29.06.2013 at 23:05, macfags@xxxxxxxxxxxx wrote:

> RUSTLE LEAGUE WHITE HAT SECURITY RESEARCH TEAM REVEALS HOLE IN NSA WEBSITE;
> CONTACTS VENDOR, HOLE PATCHED.
> 
> RUSTLE RESEARCH ETHICAL R&D WHITEHAT RED TEAM
> VULNERABILITY ALERT AND ASSESSMENT
> RED TEAM ALERT LEVEL AT MAGENTA
> 
> ETHICAL DISCLOSURE NOTICE: Press release withheld until holes were patched.
> 
> Breaking: NSA Website Vulnerable To Attack via Third Party Software,
> Illustrate Dangers of Security Outsourcing
> Ethical Hackers Exploit XSS Vulnerabilities in NSA Software Made by third 
> party.
> 
> Field researchers curiously perusing nsa.gov stumbled upon XSS 
> vulnerabilities on the main NSA forward facing webserver. Both 
> vulnerabilities were found in shoddily outsourced third party software 
> written in ColdFusion--which we all know is the world's greatest mark-up 
> language.
> 
> "Anyone with an internet connection can use the XSS vulnerability to 
> impersonate NSA personnel and web traffic," says Horace Grant, a researcher 
> with Rustle Research. "Why are unreliable third parties creating the software 
> that guards our national secrets?"
> 
> These exploits are ironic given the multiple, recently revealed NSA security 
> faux pas. The obvious Booz Allen Hamilton/NSA partnership allowed CIA 
> operative and possible Communist spy, Edward Snowden, to infiltrate the NSA 
> and leak the PRISM slides. Hilarious outsourcing of basic webapps to ma'n'pa 
> crapshoot ColdFusion developers has now given an even graver look at the 
> egregious outsourcing of even the most minute government projects.
> 
> Why the focus on ColdFusion? The Adobe product is made by a company well 
> known for holding a monopoly on online media. A simple google query, such as 
> "michael hastings adobe" yields many results, all requiring Adobe products to 
> view. Recently deceased, journalist Michael Hastings was researching 
> government secrets. Many say he was investigating not only the NSA, but 
> Wikileaks FBI informant Sigurdur Thordarson, who has close ties with the 
> Democratic People's Republic of Korea. Rumors say Hastings' car was hacked by 
> a 0day ColdFusion exploit, sending him to his fiery grave. Anyone in the know 
> realizes that Siggi was the one who sent FBI assassins after Hastings, who 
> was also researching Adrian Lamo and th3j35t3r.
> 
> One of the NSA vulnerabilities exploited by ethical white hat hackers this 
> week exists in the "Careers" section of the nsa.gov website. Internet users 
> who enter data into the "Feedback" fields now are treated to a jovial visual 
> representation of their data pooped back at them, in such elegant fashion as: 
> http://i.imgur.com/1cyISex.png
> 
> The other, more insidious, yet still trivial bug in nsa.gov, is an XSS attack 
> that allows URL redirection. When the "Mail to a Friend" notice is queried 
> and nsa.gov is appended at the end of the address, it is then exempted and 
> allowed to redirect to the provided address. For example: 
> http://www.nsa.gov/applications/links/notices.cfm?address=http://wikipaste.eu/nsa.gov
> 
> Other possible uses of these exploits include dropping a malicious website 
> into the url by using simple disguising methods, redirect, and executing 
> arbitrary code. An attacker could also pretend to be an NSA employee and send 
> a malicious payload via email to real NSA employees, unbeknownst to them -- 
> or simply trick more people into seeing goatse because that shit's funny as 
> fuck.
> 
> The holes have since been patched.
> 
> http://rustleleague.com/advisory.html
> 
> greetz: adobe, YAN, jimjones, chippy, zeekilled
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
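
The redirect behaviour described in the quoted advisory (an address is exempted when nsa.gov appears at its end) is the classic result of validating a redirect target by string suffix instead of by parsed host. The following is an added example, not code from the post or from the affected site: it assumes the flawed check was a suffix match, places that check beside a host-based one, and uses constructed sample addresses (`other.example` and `evilnsa.gov` are placeholders).

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "nsa.gov"  # domain the notice page is meant to exempt


def naive_is_exempt(address: str) -> bool:
    """Assumed flawed check: suffix test on the raw address string."""
    return address.lower().rstrip("/").endswith(TRUSTED_DOMAIN)


def strict_is_exempt(address: str) -> bool:
    """Hardened check: parse the URL and compare only the host component."""
    try:
        parts = urlsplit(address.strip())
    except ValueError:  # malformed URL, e.g. unbalanced IPv6 brackets
        return False
    # Require an explicit web scheme; rejects scheme-relative "//host/..."
    if parts.scheme not in ("http", "https"):
        return False
    host = (parts.hostname or "").lower().rstrip(".")
    # Exact match or a true subdomain; the leading dot blocks "evilnsa.gov"
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)


def wrongly_exempted(addresses):
    """Addresses the suffix check exempts but the host check does not."""
    return [a for a in addresses
            if naive_is_exempt(a) and not strict_is_exempt(a)]


# Constructed sample input, not taken from any log
SAMPLES = [
    "http://www.nsa.gov/",                # legitimate
    "https://nsa.gov",                    # legitimate
    "http://other.example/nsa.gov",       # trusted name in the path
    "http://other.example/?ref=nsa.gov",  # trusted name in the query
    "http://evilnsa.gov/",                # look-alike host
    "//other.example/nsa.gov",            # scheme-relative URL
]

if __name__ == "__main__":
    for addr in SAMPLES:
        print(f"{addr:40} naive={naive_is_exempt(addr)!s:5} "
              f"strict={strict_is_exempt(addr)}")
```

The same comparison can be run over the `address=` values in web server logs to find past requests that a suffix check would have let through.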
