October 2006

SCADA Watch: Hackers Penetrate Water System Computers

fergie (Paul Ferguson) just sent this to funsec:

From the duh-its-a-bot-department!

Via ABC News’ “The Blotter”.


A foreign hacker who penetrated security at a Harrisburg, Pa., water filtering plant is under investigation by the FBI for planting malicious software capable of affecting the plant’s water treatment operations, ABC News has learned.

The hacker tried to covertly use the computer system as its own distribution system for e-mails or pirated software, officials told ABC.

Old Internet Explorer Window Injection Vulnerability strikes IE7

First we had the Internet Explorer 7 “mhtml:” Redirection Information Disclosure issue, and then the Internet Explorer 7 Popup Address Bar Spoofing Weakness was reported.

The Window Injection case was originally discovered by Secunia Research already in November 2004. MSIE versions 5.01, 5.5 and 6.0 are still unpatched, and Mr. Per Gravgaard reported Internet Explorer 7 as affected today via the new SA22628 advisory.

The Microsoft Internet Explorer team had almost two years to fix the issue, but they didn’t fix it.

Test link is located at the following URL:


RFIDIOt released RFID E-passport skimming PoC

Mr. Adam Laurie (UK) has recently posted demonstration code (Python) which

…will exchange crypto keys with the passport and read and
display the contents therein, including the facial image and the
personal data printed in the passport. Currently the data read is
limited to the following objects:


Project site www.rfidiot.org (it stands for “RFID IO tools”) has other RFID passport related material as well.

This week, with reported vulnerabilities in first-generation RFID-enabled credit cards, is not good news for RFID technology! This NBC Today video and this YouTube demonstration video show the skimming attack and more.

I’m not saying “Enjoy!”, I’m saying “Be careful!”

Anecdotal story about myself, worm writing and Emergent behavior in Worms

When I first started [I was about 13 & 1/2] working with computers I was really interested in figuring out how they ‘did what they did’. So much so that I was tinkering with assembler within 6 months of getting a computer, not that I accomplished much at that time. I didn’t have internet access so my only ‘escape’ from the real world was delving deeper into the machine. I quickly developed programming skills and was becoming trapped by the limits imposed in QuickBasic (hey we all learn somewhere :D). I went back to looking at assembler since I knew I could encode byte code into the basic programs. After that I made some great mode 13 games and demos.

XSS Fragmentation Attacks

A newly released paper shows how a fragmentation attack can be used to make web sites that don’t filter content strictly enough include arbitrary JavaScript, which in turn causes a cross-site scripting vulnerability. One such web site is of course MySpace.com.

The concept basically stems from the idea that if the web site looks for whole tags when it filters content, then splitting the tag into broken pieces that are only reassembled on the rendered page renders the filtering mechanism useless.

You can read more about this in the following link.
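To make the point concrete, here is an added illustration (not code from the paper or from MySpace): a constructed per-field tag filter, the fragment reassembly it never sees, and the output-time HTML encoding that closes the gap.

```python
import html
import re

# Constructed stand-in for a tag-based input filter (hypothetical, not any
# real site's code): it deletes anything that looks like a complete <...> tag.
TAG_RE = re.compile(r"<[^>]*>")


def naive_filter(field: str) -> str:
    """Filter one user-controlled field on its own."""
    return TAG_RE.sub("", field)


def render_naive(fields):
    """Vulnerable pattern: filter each field separately, then concatenate.
    The filter never sees the combined text the browser will actually parse."""
    return "".join(naive_filter(f) for f in fields)


def render_escaped(fields):
    """Hardened pattern: HTML-encode every value at output time, so that
    user-supplied '<' and '>' cannot form markup whatever the field boundaries."""
    return "".join(html.escape(f, quote=True) for f in fields)


def assembled_output_has_tag(fields):
    """Defender's check: inspect the assembled page fragment, not the pieces."""
    return TAG_RE.search(render_naive(fields)) is not None


# Constructed sample: three profile fields, each free of any complete tag,
# that reassemble into a script element once rendered next to each other.
FRAGMENTS = ["<scr", "ipt>alert(1)<", "/script>"]

if __name__ == "__main__":
    print("whole tag in one field is stripped:", naive_filter("<script>x</script>"))
    print("each fragment passes the per-field filter untouched:",
          [naive_filter(f) == f for f in FRAGMENTS])
    print("naive render  :", render_naive(FRAGMENTS))
    print("escaped render:", render_escaped(FRAGMENTS))
    print("tag present in assembled output:", assembled_output_has_tag(FRAGMENTS))
```

The check that matters is the one run on the assembled output; encoding at the output boundary makes the field-splitting irrelevant.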