IPFlood (previously IPFuck) is a Firefox add-on created to simulate the use of a proxy. It doesn’t actually change your IP address (obviously) and it doesn’t connect to a proxy either, it just changes the headers (that it can) so it appears to any web servers or software sniffing – that you are in fact […]
Finally a proactive measure from Adobe to try and remedy the horrible security flaws they have introduced to Firefox with their Flash Player. There have been some massive hacks recently due to Flash – – Hackers Exploiting Latest Adobe Flash Bug On Large Scale – Adobe Patches Latest Flash Zero Day Vulnerability – Adobe Promises […]
Tags: adobe, adobe flash, adobe flash player, adobe flash security, firefox, firefox-security, flash, flash exploit, flash exploits, flash player security, flash sandbox, flash security, flash vulnerabilities, hacking-firefox, hacking-flash
Posted in: Countermeasures, Security Software, Web Hacking | Add a CommentA huge wave has been made by this tool in the mainstream media this week as it makes session stealing/hijacking a click and go procedure. It was released at Toorcon 12 and is simply a Firefox Add-on. Stealing sessions/passwords and so on is something we’ve been able to do for a LONG time using Wireshark […]
It’s been a while since Firefox has been in the news, but this is a fairly high profile case involving the Nobel Peace Prize website. It seems there is a race condition vulnerability in the latest versions of Firefox (including 3.6.11) that allows remote exploitation. In this case it was used via an iFrame on […]
There’s been a number of bounty programs in the past year or so with Mozilla being one of the forerunners with their Mozilla Security Bug Bounty Program. There are others like Google offering rewards for bugs in Chrome, and other specific high profile bounties like when Microsoft Offered $250K Bounty for Conficker Author. Mozilla on […]
Tags: bug bounty, exploit, firefox, firefox bug bounty, firefox exploit, firefox exploit bounty, firefox-vulnerability, mozilla, mozilla bounty, mozilla bug bounty, mozilla firefox, mozilla security bug bounty, security bug, security bug bounty, vulnerability
Posted in: Exploits/Vulnerabilities, Programming, Web Hacking | Add a CommentSeems like Pwn2Own is getting a reputation for uncovering some pretty nasty browser based vulnerabilities, once again this year Firefox, Safari and IE8 were all broken wide open. The latest development is Mozilla has beaten both Microsoft and Apple to the punch and released Firefox 3.6.3 patching the vulnerability. Again it was a critical vulnerability […]
Tags: aslr, data execution prevention, dep, firefox, firefox 3.6.3, firefox exploit, firefox patch, firefox-vulnerability, hacking ie8, hacking safari, hacking-contest, hacking-firefox, ie8 exploit, ie8 security, nils, peter vreugdenhil, pwn2own, safari vulnerability, safari-exploit, safari-security, tipping point, tippingpoint
Posted in: Exploits/Vulnerabilities, Web Hacking | Add a CommentThe Katana: Portable Multi-Boot Security Suite is designed to fulfill many of your computer security needs. The idea behind this tool is to bring together many of the best security distributions and applications to run from one USB Flash Drive. Instead of keeping track of dozens of CDs and DVDs loaded with your favorite security […]
Tags: auditing, backtrack, boot from usb, damn small linux, damn-vulnerable-linux, dvl, firefox, Forensics, got root, hack from a cave, hackfromacave, hijackthis, honey pots, katana kyuzo, katana v1, mult-boot security distro, ollydbg, Ophcrack, ophcrack live, oswa, Password Cracking, pen-testing, penetration-testing, UBCD, unstoppble copier, usb security tools, wireshark
Posted in: Hacking Tools, Password Cracking | Add a CommentThis is an interesting development, I noticed the pop-up on my Firefox yesterday. The reason however wasn’t security it was ‘instability’. It’s a fair move by Mozilla though as the add-on can cause security vulnerabilities in Firefox outside of their control. They can’t fix the software, so the best thing they can do to ensure […]
Tags: .NET, .net framework assistant, .net security, blocklist, firefox, firefox .net add-on, firefox add-on security, firefox blocklist, firefox plug-in blocklist, firefox-security, firefox-vulnerability, hacking-firefox, ie8 vulnerability, windows presentation foundation
Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a CommentAh a bug in our beloved Firefox, after the latest 3.5 update (which sees some definite improvements). The last one I recall was the Clickjacking Vulnerability, which also effected Chrome. It seems like it’s not too serious of an issue and will only cause crashing, there’s no room for remote exploitation or code execution. So […]
Just remember that even though Firefox tends to be more secure than Internet Exploder – it’s not immune from vulnerabilities (although they do tend to get fixed much much faster). The latest one that’s cropped up in both Firefox and Chrome is a clickjacking vulnerability. This is basically where a link is replaced by an […]
Tags: chrome, chrome clickjacking, click jacking, firefox, firefox clickjacking, firefox exploit, firefox-vulnerability, google chrome, google chrome clickjacking, google chrome exploit, google chrome vulnerability, hacking google chrome, hacking-firefox
Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment
