Full Disclosure

The need for Full, Partial, Responsible and Zero disclosure. Issues with reporting vulnerabilities to vendors.

Sophos Free Tool To Detect The Windows Shortcut Exploit (.lnk)

The friendly guys over at Sophos have been kind enough to release a protection tool to protect against the now famous Microsoft LNK 0-day vulnerability. Someone had to do it, it’s a shame it wasn’t Microsoft, but hey.
What this tool does is replace the current Microsoft icon handler with the Sophos one, so it will check all shortcut (LNK) files before allowing them to run. What’s even nicer is that this tool is free, and you can download it from here.

Please note, though, that this tool does not protect you from LNK files or targets stored on the local disk, or from PIF-based exploits.

There’s also a video of the tool in action, which you can find on YouTube here.

Safari AutoFill Exploit

So it seems that Safari uses the details from your Address Book to AutoFill forms on web sites, and this is enabled by default. In theory this is a great idea, until someone writes some malicious JavaScript to get these details passed to a hidden form without your knowledge. Looking through all the possible available fields in the Apple Address Book app, it really gets quite troubling: Name, Address, Job Title, Department, Anniversary. This could all be used nicely for a really fun Social Engineering exercise, or really help with an identity theft scam.

There is a PoC of this hosted here.

Personally I’d suggest disabling AutoFill in Safari’s preferences, better safe than sorry.

Microsoft LNK exploit added to Metasploit

With all the talk about the Microsoft LNK exploit, it was only a matter of time before the guys over at camp Metasploit added the exploit for this one to the Metasploit Framework.

You can find the details for the module over here.

If you’re one of those types of people that want to have a look at the source code for this one, then you can cast your eyes on that right here.

To get this module into MSF, all you have to do is SVN up.

Have fun 😉