
Saturday, April 13, 2013

Minor flaw allows Hacker to hijack Avira Antivirus customers accounts

Cross-site scripting vulnerabilities are often mistakenly considered unimportant, yet they allow attackers to inject client-side script into web pages visited by victims.

A cross-site scripting (XSS) vulnerability can be exploited to bypass browser access controls such as the same-origin policy, since the injected script runs with the trust of the vulnerable site.
Egyptian information security advisor Ebrahim Hegazy (Zigoo) found an XSS vulnerability in the Avira license domain, license.avira.com.
Instead of exploiting it in the usual "alert('MyName')" way and reporting it, he chose to demonstrate it to the Avira security team differently, to show how an XSS vulnerability can let attackers steal user accounts, with the credentials captured in clear text.
To demonstrate the attack he created four files:
  • avira.html - the fake login page
  • log.php - the logger, which writes the submitted credentials in clear text to a text file
  • avira.txt - the file where the captured credentials end up
  • done.html - shows a congratulation message to fool the user
The video below walks through the attack methodology:
According to Ebrahim Hegazy, the Avira team responded promptly and fixed the flaw in a short time. Those who consider XSS a low-severity vulnerability may want to reconsider.
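The root cause of a reflected XSS flaw like the one described above is untrusted input written into HTML without output encoding. The following is an added example (not code from the article, from Ebrahim Hegazy, or from Avira) showing the vulnerable pattern next to its fix, plus the response headers a defender would set so that even a residual injection cannot read the session cookie. The page template, parameter and cookie name are hypothetical; the only value taken from the post is the "alert('MyName')" test string.

```javascript
// Added example: output encoding as the fix for reflected XSS, plus
// defensive response headers. Page layout and names are hypothetical.

// Characters that must be encoded when untrusted text lands in an HTML body.
const ENTITY_MAP = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#x27;',
  '/': '&#x2F;',
};

// Encode a string for safe insertion into HTML element content.
function escapeHtml(untrusted) {
  return String(untrusted).replace(/[&<>"'\/]/g, (ch) => ENTITY_MAP[ch]);
}

// Vulnerable rendering: the reflected parameter is concatenated straight
// into the markup, so a value containing a tag becomes live script.
function renderVulnerable(reflectedParam) {
  return `<p>You searched for: ${reflectedParam}</p>`;
}

// Hardened rendering: identical page, but the parameter is encoded first.
// The browser displays the text literally and never parses it as a tag.
function renderSafe(reflectedParam) {
  return `<p>You searched for: ${escapeHtml(reflectedParam)}</p>`;
}

// Defence in depth: headers that limit the impact of any script that does
// get injected. HttpOnly keeps the session cookie out of document.cookie;
// a script-src policy blocks inline script entirely.
function secureHeaders(sessionId) {
  return {
    'Content-Security-Policy':
      "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'",
    'Set-Cookie': `session=${sessionId}; HttpOnly; Secure; SameSite=Strict; Path=/`,
    'X-Content-Type-Options': 'nosniff',
  };
}

// Constructed input: the classic proof-of-concept string mentioned in the post.
const TEST_INPUT = "<script>alert('MyName')</script>";

// Run both renderers side by side to see the difference.
function demo() {
  return {
    vulnerable: renderVulnerable(TEST_INPUT),
    safe: renderSafe(TEST_INPUT),
    headers: secureHeaders('constructed-session-id'),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(demo(), null, 2));
}
```

The encoded output still shows the user exactly what they typed; only the browser's interpretation changes. Note that `escapeHtml` is correct for HTML element content only; attribute values, URLs and inline JavaScript each need their own context-specific encoder.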
