Vulnerabilities at Flash/Broom

Vulnerabilities at Flash/Broom

Posted by NitrouZ in Security on Saturday, January 17th, 2009 | 11 responses

Setelah iseng berjalan-jalan ke situs KEI, dan sebelumnya memang sudah mendapatkan informasi dari om rmx :D Malah sempat di berikan akses masuk administrator. :)) Tapi suer ga ngapa-ngapain kok, cuman lihat-lihat ajah :p Ok langsung ajah, kali ini saya akan memberikan bukti kongkrit bagi para pengguna shared conncection seperti TelkomFlash/IM2 Broom dan beberapa koneksi setipe. Kalau dilihat dari percakapan di KEI, bug ini sudah lama di temukan :p Tapi walaupun repost, yang penting happy :D *** pinjem gayanye yesssh om :p ***

Disclaimer : Apa yang saya tulis di sini adalah sebatas apa yang memang patut saya ketahui, untuk selebihnya silakan explore sendiri. :) Dan sekali lagi, saya/kami tidak bertanggung jawab atas penyalahgunaan artikel ini. Use at your own risk.

Sebelum menuju ke topik pembahasan yang lebih lanjut, ini hasil capture iseng saya scan network Telkomsel Flash pada IP 114.121.144.0/24 menggunakan nmap di windows. Dan ini hasil capture potongannya :

NMAP Telkomsel Flash

NMAP Telkomsel Flash

Dari hasil scan nmap di atas, saya mendapatkan beberapa IP yang mungkin bisa dijadikan target scan :p Ini cuma mungkin lho, saya belum pernah coba :D hihihih… :D Itu hanya iseng scan saja sebelum masuk ke pembahasan berikutnya. :p

Lalu, ini hasil dari IPS/IDS saya :D Mungkin cuman jadi pajangan aja kok, biar lengkap gitu :D

KIS IDS/IPS

KIS IDS/IPS

Di atas hanya gambaran kecil dari apa yang bisa terjadi di PC/Laptop Anda :D Seperti potongan chat di bawah ini yang saya peroleh dari KEI :D

rmx_

rmx_

Gotcha :D

  • No Related Post
tabs-top
  • No Related Post
bookmark bookmark bookmark bookmark bookmark bookmark bookmark bookmark bookmark bookmark bookmark bookmark
tabs-top

11 Comments »

  1. avatar
    08:51:54 - January 19th, 2009: #1
    kucing says:

    :D

    comment-bottom
  2. avatar
    09:52:39 - January 19th, 2009: #2
    NitrouZ says:

    #1,
    wew… :-ss

    comment-bottom
  3. avatar
    14:34:24 - January 22nd, 2009: #3
    bulu says:

    solusinya apa bro buat yg pake telkomselflash seperti saya… :-ss

    comment-bottom
  4. avatar
    09:23:29 - January 24th, 2009: #4
    NitrouZ says:

    #3,
    patch your sys, jangan pake windows :P
    kalau memang diperlukan dan sering kali melakukan interaksi menggunakan tselflash / broom, pasang firewall yg mempunyai IDS.

    comment-bottom
  5. avatar
    11:31:25 - January 30th, 2009: #5

    mas itu IDS?IPS itu faslitas firewall kayak apa sih ? aku pakenya yg gratisan nih firewallnya pake punya ZOne alarm

    comment-bottom
  6. avatar
    12:01:23 - January 31st, 2009: #6
    NitrouZ says:

    #5,
    iya IDS, IPS sama IDS prinsipnya sama kok. Intrusion Detection System sama Intrusion Prevention System. CMIIW. Kalau mau yg gratisan tapi maknyus, coba Comodo Firewall. Beberapa pengembangnya itu orang lama di Trustix :D CMIIW lagi :D

    comment-bottom
  7. avatar
    12:19:22 - January 31st, 2009: #7
    abror_lagi says:

    wow gitu ya,tak pikir comodo sama ZA bagusan ZA,ganti comodo aja ah…

    Intrusion Detection System <== kepanjangannya lebih ngeri ternyata dari singkatannya….wkwkw

    comment-bottom
  8. avatar
    20:32:23 - February 4th, 2009: #8
    oner says:

    berarti laptop kita bisa di liat2 orang yah :-ss

    comment-bottom
  9. avatar
    22:56:32 - March 14th, 2009: #9
    slvstzr says:

    wew..
    yang d sebut DCOM Exploit attack ini ya?

    comment-bottom
  10. avatar
    19:27:36 - April 9th, 2009: #10
    seven says:

    wew.. bikin takut ah

    comment-bottom
  11. avatar
    00:08:04 - August 3rd, 2009: #11
    t4w0n 5p4rt4 says:

    11:58:00 PM Block IN TCP 60.50.186.141 2636 114.125.** 445 SYN Blocked by the Attack Detecton component
    11:57:59 PM Block IN TCP 60.50.186.141 2636 114.125.** 445 SYN Blocked by the Attack Detecton component
    11:56:27 PM Block IN TCP 117.81.77.244 1602 114.125.** 445 SYN Blocked by the Attack Detecton component
    11:56:24 PM Block IN TCP 117.81.77.244 1602 114.125.** 445 SYN Blocked by the Attack Detecton component
    11:54:07 PM Block IN TCP 114.123.58.214 2643 114.125.** 1433 SYN Blocked by the Attack Detecton component
    11:54:05 PM Block IN TCP 75.126.221.216 80 114.125.** 2392 RST ACK Blocked by the Attack Detecton component
    11:53:27 PM Block IN TCP 91.67.149.170 2242 114.125.** 445 SYN Blocked by the Attack Detecton component
    11:53:22 PM Block IN TCP 91.67.149.170 2242 114.125.** 445 SYN Blocked by the Attack Detecton component
    11:53:06 PM Block IN TCP 114.125.24.180 4502 114.125.** 1433 SYN Blocked by the Attack Detecton component
    11:53:01 PM Block IN TCP 75.126.221.216 80 114.125.** 2392 ACK Blocked by the Attack Detecton component

    8/2/2009 11:56:24 PM 117.81.77.244 Detected attack, host not blocked SINGLE_SCAN_PORT (48385)
    8/2/2009 11:54:07 PM 114.123.58.214 Detected attack, host not blocked SINGLE_SCAN_PORT (39173)
    8/2/2009 11:53:22 PM 91.67.149.170 Detected attack, host not blocked SINGLE_SCAN_PORT (48385)
    8/2/2009 11:53:06 PM 114.125.24.180 Detected attack, host not blocked SINGLE_SCAN_PORT (39173)
    8/2/2009 11:48:26 PM 212.116.136.16 Detected attack, host not blocked SINGLE_SCAN_PORT (48385)
    8/2/2009 11:47:08 PM 65.70.191.27 Detected attack, host not blocked SINGLE_SCAN_PORT (48385)
    8/2/2009 11:42:15 PM 114.123.121.233 Detected attack, host not blocked SINGLE_SCAN_PORT (48385)
    8/2/2009 11:41:26 PM 75.126.221.216 Detected attack, host not blocked SINGLE_SCAN_PORT (22537)
    8/2/2009 11:40:27 PM 114.125.157.204 Detected attack, host not blocked SINGLE_SCAN_PORT (48385)
    8/2/2009 11:39:43 PM 151.54.7.167 Detected attack, host not blocked SINGLE_SCAN_PORT (48385)
    8/2/2009 11:36:28 PM 114.125.15.70 Intruder unblocked

    apakah yg seperti itu jg, tuh tiap menit log firewall penuh yg ama namanya serangan n scanning

    comment-bottom

RSS feed for comments on this post. TrackBack URL

Leave a comment