Security Surprises On Firefox Quantum

This morning I've found an scaring surprise on my Firefox Quantum. Casually it was connected to a proxy when an unexpected connection came up, the browser  was connecting to an unknown remote site via HTTP and downloading a ZIP that contains an ELF shared library, without any type of signature on it.

This means two things

1) the owner of that site might spread malware infecting many many people.
2) the ISP also might do that.


Ubuntu Version:

Firefox Quantum version:

The URL: hxxp://ciscobinary.openh264.org/openh264-linux64-0410d336bb748149a4f560eb6108090f078254b1.zip

The zip contains these two files:
  3f201a8984d6d765bc81966842294611  libgmpopenh264.so
  44aef3cd6b755fa5f6968725b67fd3b8  gmpopenh264.info

The info file:
  Name: gmpopenh264
  Description: GMP Plugin for OpenH264.
  Version: 1.6.0
  APIs: encode-video[h264], decode-video[h264]

So there is a remote codec loading system that is unsigned and unencrypted, I think is good to be aware of it.

In this case the shared library is a video decoder, but it would be a vector to distribute malware o spyware massively, or an attack vector for a MITM attacker.

Continue reading

1. Hacker Tools Hardware
2. Hacker Techniques Tools And Incident Handling
3. Termux Hacking Tools 2019
4. Hacker Tools For Windows
5. Hacker Tools Apk Download
6. Hacking Tools Hardware
7. How To Make Hacking Tools
8. New Hacker Tools
9. Free Pentest Tools For Windows
10. Hacker Tools Linux
11. Hacking Tools Pc
12. What Are Hacking Tools
13. Hacker Techniques Tools And Incident Handling
14. Hacking Tools For Mac
15. Pentest Tools Find Subdomains
16. Hacker Search Tools
17. Hackers Toolbox
18. Ethical Hacker Tools
19. How To Install Pentest Tools In Ubuntu
20. Hacker Tools Windows
21. Best Hacking Tools 2019
22. Github Hacking Tools
23. Underground Hacker Sites
24. Hacking Tools Pc
25. Hacking Apps
26. Hacker Tools Apk Download
27. Hacking Apps
28. Install Pentest Tools Ubuntu
29. Hacker Techniques Tools And Incident Handling