Diminutive XSS Worm Replication Contest
A friend pointed this out to me. Evidently the Sla.ckers.org website is hosting a "Diminutive XSS Worm Replication Contest". Their mission: to see who can write a new XSS worm (like the MySpace one, the recent Orkut one, etc.). The goal of the contest is to have a functional web worm in as small a package as possible. From the website:
Okay folks, new small challenge - no prize, just an exercise in programming skill and because I want to see the results. After reading over the XSS worm thread I got to thinking. We haven't, to my knowledge, ever had a diminutive worm writing contest. We've done it for JS injection and for pulling in remote JS but not for worms. You can submit your code to this thread directly (I'd prefer it actually so that others can benefit from what you've done). If that's for some reason not acceptable send me your code directly and we can figure something out. Either way the winner's code must be posted in this thread. Actual cutoff to submit is Thursday the 10th of January at 7PM GMT.
Source: Diminutive XSS Worm Replication Contest, from the sla.ckers.org forums.
January 5, 2008 in malware, new trends, new worms
Comments
The crew of the hacker known as Octane [F/X], made up of Octane [F/X], Klay Gomes and Rodrigo Lacerda, has done it once again.
Yesterday they developed a worm that is spreading through Orkut.
The vulnerability is an XSS found in the photo albums;
you don't need to click on anything suspicious, just looking at the photo is enough to be infected.
The worm adds you to several communities, leaves scraps for them, posts messages in the communities, adds you as a friend (they only need to accept later), and much more, besides replacing your profile photo with the group's, all without you noticing until you are infected. After that the worm reproduces by infecting your other photos, so whoever looks at them gets infected, and this keeps spreading across all of Orkut.
To test whether this is true, create any profile.
After that, access the photo infected by Octane [F/X] here
http://m.orkut.com.br/Main#AlbumZoom.aspx?uid=264107709026761606&aid=1&pid=1222375997586
Use Firefox, since Opera and some versions of IE are still safe, but with Firefox you will be infected.
It is suspected that Octane [F/X] is Sabotai Rox, who last week changed the names of the largest Orkut communities.
As of today the worm is active and spreading.
The only security measure for now is not to look at photos on Orkut until everything is resolved.
Posted by: RedBlaster | Sep 30, 2008 4:42:10 PM
Although your article comparison sounds interesting, I'm not sure if I could agree with you 100%.
Posted by: TeacherForex | Mar 28, 2009 4:02:10 PM
I just want to let you know that I have benefited from the information here. Thanks a lot.
Posted by: TraderForex | Mar 29, 2009 2:03:14 AM