Security Surprises On Firefox Quantum
Posted by iNoticiero
on domingo, 21 de enero de 2024
0
This morning I've found an scaring surprise on my Firefox Quantum. Casually it was connected to a proxy when an unexpected connection came up, the browser was connecting to an unknown remote site via HTTP and downloading a ZIP that contains an ELF shared library, without any type of signature on it.
This means two things
1) the owner of that site might spread malware infecting many many people.
2) the ISP also might do that.
Ubuntu Version:
Firefox Quantum version:
The URL: hxxp://ciscobinary.openh264.org/openh264-linux64-0410d336bb748149a4f560eb6108090f078254b1.zip
3f201a8984d6d765bc81966842294611 libgmpopenh264.so
44aef3cd6b755fa5f6968725b67fd3b8 gmpopenh264.info
The info file:
Name: gmpopenh264
Description: GMP Plugin for OpenH264.
Version: 1.6.0
APIs: encode-video[h264], decode-video[h264]
So there is a remote codec loading system that is unsigned and unencrypted, I think is good to be aware of it.
In this case the shared library is a video decoder, but it would be a vector to distribute malware o spyware massively, or an attack vector for a MITM attacker.
More information
- Hacker Tools Linux
- Pentest Tools For Android
- Hacking Tools Windows 10
- Hacking Tools Usb
- Hacker Tools Mac
- Hacker Tools Free
- Hacker Security Tools
- Pentest Tools Website
- Hacker Tools For Pc
- Hacker Tools List
- Hacking Tools Usb
- Hack Tool Apk
- Hacking Tools Online
- Hack Tools Download
- Hack Apps
- Pentest Tools Website Vulnerability
- Hack And Tools
- Hack Tools Online
- Underground Hacker Sites
- Hack App
- Hacker Tools 2019
- Hack Tools Github
- Hack Tools Github
- New Hacker Tools
- Hacker Tool Kit
- Hak5 Tools
- Pentest Tools Find Subdomains
- Hacker Tools Apk
- Hacking Tools Mac
- Hacks And Tools
- Beginner Hacker Tools
- Hacker Tools For Pc
- Pentest Tools Tcp Port Scanner
- Pentest Tools List
- Hacking Tools Download
- Hacker Tools Free
- Pentest Tools Linux
- Pentest Reporting Tools
- Hack Tool Apk
- Pentest Tools Port Scanner
- Hacker Tools For Mac
- Hacker Tools Linux
- Hacking Tools For Mac
- Hacker Tools List
- Pentest Tools Apk
- Pentest Tools Android
- Pentest Tools For Ubuntu
- Hacking Tools Software
- Best Pentesting Tools 2018
- Hacking Tools For Windows 7
- Hack Tools Mac
- Hack Tools
- Pentest Tools Github
- Easy Hack Tools
- Android Hack Tools Github
- Hacking Tools For Mac
- Termux Hacking Tools 2019
- Hack And Tools
- Hack Tool Apk No Root
- Hack Website Online Tool
- Pentest Tools Port Scanner
- Growth Hacker Tools
- Pentest Tools List
- Pentest Tools Port Scanner
- Hacking Tools Pc
- Hacking Tools For Mac
- Pentest Tools Nmap
- Hacking Tools Usb
- Hacker Tools Apk Download
- Pentest Automation Tools
- How To Hack
- Android Hack Tools Github
- Pentest Tools Open Source
- Pentest Tools Subdomain
- Pentest Tools List
- Hackers Toolbox
- Hacker Tools Free
- Hack Tools Download
- Hacking Tools Kit
- Hacker Search Tools
- Hacker
- Hacking Tools Mac
- Hack Tools Download
- Nsa Hack Tools Download
- Black Hat Hacker Tools
- Hacker Tools Apk
- Pentest Tools Subdomain
- Top Pentest Tools
- Pentest Tools Find Subdomains
- Pentest Tools Free
- Hacker Tools 2020
- Hacking Tools Hardware
- New Hack Tools
- Hacker Tools For Mac
- Hack Tools
- Hacker Tools Free
- Pentest Tools Android
- Hacker Tools 2019
- Hacker Tools Hardware
- Hackers Toolbox
- Hacking Tools For Windows Free Download
- Hack Tool Apk No Root
- Pentest Tools Download
- Top Pentest Tools
- Hack App
- Best Hacking Tools 2020
- Hacking Tools Download
- Hacking Tools Mac
- Android Hack Tools Github
- Termux Hacking Tools 2019
- Pentest Tools Review
- Hack Tools 2019
- How To Install Pentest Tools In Ubuntu
- Hacker Tools Free
Tagged as:
About the Author
Write admin description here..
Get Updates
Subscribe to our e-mail newsletter to receive updates.
Share This Post
Related posts
0 comentarios:
Publicar un comentario