CyberInsecure.com

Archive for the ‘BitTorrent’ Category

Thousands of private BitTorrent trackers using the popular TBDev code are vulnerable to hostile takeover. According to a security researcher, a successful execution of the exploit could result in the attacker gaining admin rights to the tracker. However, knowledge and a little care can mitigate the effects. This particular TBDev exploit is down to the fact the developers didn’t protect the administrative interface from Cross Site Scripting attacks (XSS).

The popular TBDev code on which thousands of private BitTorrent trackers are built, is said to be vulnerable to a major exploit. A successful attack could allow a malicious attacker to deface the main tracker page (index.php) and hijack the account of anyone who logs into the application. It’s even possible to hijack an administrator’s account by using a social engineering attack to get them to click on specially crafted hyperlink, although most admins won’t be tricked by this method. If you visit a website that the hacker controls then he can also trigger the attack. If you think you might have clicked on a bad link, change your password immediately.

To avoid this exploit, the most important thing to keep in mind is do not click on suspicious links. The link can be easily modified to be shorter, but the important part is avoiding links to TBDev’s /redir.php.

To remove the persistent XSS payload the administrator might have to login to the SQL server manually and delete the offending entry in the “news” table, since they won’t be able to use the web application to delete the news posting.

A very quick fix for this issue would be changing in news.php from “$body = $_POST[”body”];” to “$body = htmlspecialchars($_POST[”body”],ENT_QUOTES);”

The same fix also needs to be applied to $_GET[”url”] in redir.php or the administrator account as well as others are subjected to hijack. There are other security problems with this application, but the XSS is the most serious as it leads to immediate attack.

The full details of the exploit are available in here.

An anonymous hacker claimed last week that the source code for the sci-fi role-playing game “EVE Online” had been leaked and, as proof, posted it to several peer-to-peer services.

The person, who repeatedly criticized the game’s maker CCP during a chat posted online, claimed that software flaws in the program had allowed numerous players to create bots that could automate game play. The hacker offered to help the company close the holes, if they would admit that the code had software vulnerabilities.

The game’s developer, CCP, however, claims that the person likely reverse engineered the code for the game’s client. The client is written in Python, a high-level programming language, which can be easily decompiled into readable code. The possession of the code does not mean that the game’s security can be more easily circumvented, because the developers wrote the client-side code knowing that the software would likely be reverse engineered.

EVE Online maker CCP has not treated the issue lightly. Posting the code, a link to the code, or discussing the issue on the company’s forums has not been tolerated and will likely result in the person being banned from the game, a community manager told forum members. However, there has been no mass bannings from the game, contrary to media reports, the company said in its statement.

The theft of a game’s source code is rare. In 2003, Valve Software acknowledged that someone has stolen the source code for its popular game, Half Life 2. Eight months later, the FBI made several arrests in the case.

Hacking and online gaming seemingly go together, however. Microsoft continues to have problems with account pretexters on its Xbox Live service, and other online games, such as the popular World of Warcraft, have had to deal with the prolific use of bots.

TorrentSpy, one of the biggest BitTorrent sites, has been shut down permanently by the owners. They decided on their own, without any court orders, to bring the Torrentspy.com search engine to an end and it was permanently closed down for all visitors or members on March 24,2008.

Quote from TorrentSpy.com website:

Friends of TorrentSpy,

We have decided on our own, not due to any court order or agreement, to bring the Torrentspy.com search engine to an end and thus we permanently closed down worldwide on March 24, 2008.

The legal climate in the USA for copyright, privacy of search requests, and links to torrent files in search results is simply too hostile. We spent the last two years, and hundreds of thousands of dollars, defending the rights of our users and ourselves.

Ultimately the Court demanded actions that in our view were inconsistent with our privacy policy, traditional court rules, and International law; therefore, we now feel compelled to provide the ultimate method of privacy protection for our users - permanent shutdown.

It was a wild ride,
The TorrentSpy Team

“Big Brother in the form of an increasingly powerful government and in an increasingly powerful private sector will pile the records high with reasons why privacy should give way to national security, to law and order […] and the like.” - Justice William O. Douglas

Four major Japanese ISP organizations have agreed that they will work with copyright holders to track down copyright infringing file-sharers and disconnect them from the internet. The reason for such an act would probably be a huge increase in complaints from the music, movie and software industries.

According to the report in Yomiuri Shimbun, the agreement would see copyright holders tracking down file-sharers on the Internet using “special detection software” and then notifying ISPs of alleged infringers. ISPs would first send out warnings by email to those traced and then interrupt the Internet connection if file sharing continues. For persistent breaches, the ISP would ultimately terminate the accounts of its subscribers.

These four major ISP organizations - which include Telecom Service Association and the Telecommunications Carriers Association - are made up of around 1,000 other ISPs, a large portion of the Japanese market. In collaboration with the copyright holders, the ISPs will set up a panel in April to decide exactly how the system should operate.

In 2006, a Japanese ISP decided to plan measures to stop their subscribers using file-sharing software, by tracking their activities and disconnecting them from the Internet. The plan didn’t come to fruition as the government stepped in and said that such monitoring might have privacy implications. Under huge pressure from the movie, music and software industries, the four major ISP organizations in Japan are at it again, and have agreed to take drastic action against online pirates. There is a discussion surrounding the suggestion that persistent file-sharers could be banned from the internet. So far there have been proposals in countries like France, the UK and Australia.

During December last year we reported that the number of internet users file-sharing in Japan had increased by a 180% in a single year.