Announcement

Collapse
No announcement yet.

SplashTop Linux Security Hole Discovered

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • SplashTop Linux Security Hole Discovered

    Phoronix: SplashTop Linux Security Hole Discovered

    Less than two weeks ago we shared that SplashTop Linux was hacked to run off a USB stick, run custom applications, and more importantly having it run on non-certified motherboards (meaning those not sold by ASUS with SplashTop's instant-on Linux environment embedded). These hacks were done by members of our Phoronix Forums, but now a security hole has been discovered...

    http://www.phoronix.com/vr.php?view=NjY0Ng

  • #2
    DeviceVM, the company behind SplashTop, is currently looking into this problem.
    The problem is that Kano hasn't been offered a job yet.

    Comment


    • #3
      Maybe DeviceVM should offer him one...he found this security flaw in their software, so he deserves a job.

      But OT, things like this need to be fixed fast and an update made available.

      Comment


      • #4
        127.0.0.1

        That screen shot showed the localhost IP address. Is this port also open to the outside world?

        Comment


        • #5
          When you would click on the thread I created then you would know more. In it I tested 2 versions 1.2.3.1 (I guess any older will have it too) does not block this port from outside. 1.2.8.0 fixed that issue (no idea which versions between those 2 are affected). Well that fix is basically only partly because on a Windows system there are always files at standard postition like the Windows registry. I could have added links for that too, but I am sure you get the idea yourself, that you only have to exploit a firefox error with cross-site scripting (XSS) that downloads the user registry, parses it (for example with ctntpw), gets all MRU files from registry, all plaintext serials, login data and lots of other info. Then you can fetch all recently used files on C: partition or on the partition you installed it as you can create full url. This works of course locally too, very informative for business pcs which have been set to boot first from hd but allow splashtop, preferred the "lite" variant from hd.

          Edit: Maybe I forgot to mention that the discovered link to the winhdd is not use by any splashtop app, so only the external link would have been enough. When you know that, then this fault is even more serious. That winhdd link is from va-photo.sqx.
          Last edited by Kano; 08-09-2008, 06:19 AM.

          Comment

          Working...
          X