Selamat Datang

home page statistics
Disney Vacation Package

Sabtu, 27 Mei 2023

Security Surprises On Firefox Quantum

This morning I've found an scaring surprise on my Firefox Quantum. Casually it was connected to a proxy when an unexpected connection came up, the browser  was connecting to an unknown remote site via HTTP and downloading a ZIP that contains an ELF shared library, without any type of signature on it.

This means two things

1) the owner of that site might spread malware infecting many many people.
2) the ISP also might do that.


Ubuntu Version:


Firefox Quantum version:



The URL: hxxp://ciscobinary.openh264.org/openh264-linux64-0410d336bb748149a4f560eb6108090f078254b1.zip




The zip contains these two files:
  3f201a8984d6d765bc81966842294611  libgmpopenh264.so
  44aef3cd6b755fa5f6968725b67fd3b8  gmpopenh264.info

The info file:
  Name: gmpopenh264
  Description: GMP Plugin for OpenH264.
  Version: 1.6.0
  APIs: encode-video[h264], decode-video[h264]

So there is a remote codec loading system that is unsigned and unencrypted, I think is good to be aware of it.

In this case the shared library is a video decoder, but it would be a vector to distribute malware o spyware massively, or an attack vector for a MITM attacker.




Continue reading


  1. Hacking Tools Online
  2. What Are Hacking Tools
  3. Hacking Tools For Kali Linux
  4. Hacking Tools For Windows 7
  5. Bluetooth Hacking Tools Kali
  6. Pentest Tools Windows
  7. Tools 4 Hack
  8. Underground Hacker Sites
  9. Bluetooth Hacking Tools Kali
  10. Hack Tools 2019
  11. How To Make Hacking Tools
  12. Install Pentest Tools Ubuntu
  13. Hack Tools For Windows
  14. Hacking Tools For Beginners
  15. Pentest Reporting Tools
  16. Hacking Tools Windows
  17. Hacker Search Tools
  18. Growth Hacker Tools
  19. Github Hacking Tools
  20. Pentest Tools Open Source
  21. Pentest Tools List
  22. Hack Tools
  23. Ethical Hacker Tools
  24. Hack Tools For Windows
  25. Nsa Hack Tools
  26. Hacking Tools Hardware
  27. Usb Pentest Tools
  28. Hackers Toolbox
  29. Hack Website Online Tool
  30. Hacker Tools Software
  31. Hack Website Online Tool
  32. Hacker Tools Software
  33. Hacking Tools Download
  34. How To Make Hacking Tools
  35. Hacker Tool Kit
  36. Tools 4 Hack
  37. Pentest Box Tools Download
  38. Best Pentesting Tools 2018
  39. Ethical Hacker Tools
  40. Hacker Tools Hardware
  41. Hack Tools For Windows
  42. Hacking Tools And Software
  43. Best Hacking Tools 2019
  44. Pentest Tools Android
  45. Hacker Tools Apk
  46. Pentest Tools Framework
  47. Hacker Tools Github
  48. Hack Tools For Windows
  49. Pentest Reporting Tools
  50. Hacker Tools Hardware
  51. Hack Tools Download
  52. Tools Used For Hacking
  53. Pentest Tools Windows
  54. Best Hacking Tools 2019
  55. Hacker Tool Kit
  56. Growth Hacker Tools
  57. Hacking Tools Name
  58. Pentest Tools Find Subdomains
  59. Pentest Tools Url Fuzzer
  60. Hacking App
  61. Hacking Tools And Software
  62. Hacker Tools Mac
  63. Hack Tools Mac
  64. Hacking Tools For Windows Free Download
  65. Hack Tools
  66. Hacker Search Tools
  67. Beginner Hacker Tools
  68. Tools Used For Hacking
  69. Game Hacking
  70. Hak5 Tools
  71. Hack App
  72. Pentest Tools Url Fuzzer
  73. Hak5 Tools
  74. Pentest Tools Subdomain
  75. How To Install Pentest Tools In Ubuntu
  76. Hacker Tools Windows
  77. Pentest Tools Download
  78. Hacking Tools Kit
  79. Pentest Tools Alternative
  80. Pentest Tools Subdomain
  81. Pentest Tools Download
  82. Hacking Tools For Windows
  83. Hacking Apps
  84. Hacker Tools For Mac
  85. Pentest Tools Github
  86. Pentest Tools Website Vulnerability
  87. Pentest Tools Windows
  88. Hacking Tools For Beginners
  89. Hack Tools
  90. Hacking Tools Usb
  91. Hacker Tools Software
  92. Nsa Hacker Tools
  93. Hacker Tools Apk Download
  94. Hacker Tools Windows
  95. New Hack Tools
  96. Hacking Tools For Windows 7
  97. Hacker Search Tools
  98. Pentest Box Tools Download
  99. Hacker Tools Windows
  100. Termux Hacking Tools 2019
  101. Free Pentest Tools For Windows
  102. Hacking Tools Github
  103. Hacker Tools Windows
  104. Hacking Tools Windows
  105. Hacking Tools Hardware
  106. Computer Hacker
  107. Free Pentest Tools For Windows
  108. Hack And Tools
  109. Pentest Tools Find Subdomains
  110. Underground Hacker Sites
  111. Tools For Hacker
  112. Pentest Tools For Windows
  113. Hack Tools For Ubuntu
  114. New Hack Tools
  115. Hacking App
  116. Hacker Security Tools
  117. Hack Website Online Tool
  118. Hack Tools For Ubuntu
  119. Nsa Hack Tools Download
  120. Hacker Security Tools
  121. Hacking Tools Software
  122. Pentest Tools Windows
  123. Pentest Tools Kali Linux
  124. What Is Hacking Tools
  125. Github Hacking Tools
  126. Pentest Recon Tools
  127. Hack Website Online Tool
  128. Hack Apps
  129. Pentest Tools Website
  130. Pentest Tools Alternative
  131. Growth Hacker Tools
  132. Pentest Automation Tools
  133. Hack Tools For Windows
  134. Hack Tools For Windows
  135. Beginner Hacker Tools
  136. Hacking Tools For Windows Free Download
  137. Pentest Tools For Windows
  138. Hacker Tools Linux
  139. Hacker Tools Mac
  140. Top Pentest Tools
  141. Pentest Tools Tcp Port Scanner
  142. Top Pentest Tools
  143. Pentest Tools Port Scanner
  144. World No 1 Hacker Software
  145. Hack App
Diposting oleh suhaimidewis di Sabtu, Mei 27, 2023

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)