Security Surprises On Firefox Quantum

This morning I've found an scaring surprise on my Firefox Quantum. Casually it was connected to a proxy when an unexpected connection came up, the browser  was connecting to an unknown remote site via HTTP and downloading a ZIP that contains an ELF shared library, without any type of signature on it.

This means two things

1) the owner of that site might spread malware infecting many many people.
2) the ISP also might do that.


Ubuntu Version:

Firefox Quantum version:

The URL: hxxp://ciscobinary.openh264.org/openh264-linux64-0410d336bb748149a4f560eb6108090f078254b1.zip

The zip contains these two files:
  3f201a8984d6d765bc81966842294611  libgmpopenh264.so
  44aef3cd6b755fa5f6968725b67fd3b8  gmpopenh264.info

The info file:
  Name: gmpopenh264
  Description: GMP Plugin for OpenH264.
  Version: 1.6.0
  APIs: encode-video[h264], decode-video[h264]

So there is a remote codec loading system that is unsigned and unencrypted, I think is good to be aware of it.

In this case the shared library is a video decoder, but it would be a vector to distribute malware o spyware massively, or an attack vector for a MITM attacker.

Continue reading

1. Pentest Tools Download
2. Game Hacking
3. Black Hat Hacker Tools
4. Hacker Tools
5. Pentest Recon Tools
6. Hacker Tools For Windows
7. Hack Tools For Mac
8. Hack Tools For Windows
9. Hack Tools
10. Pentest Tools Bluekeep
11. Best Hacking Tools 2020
12. Hacking Tools For Windows Free Download
13. Hack Tool Apk No Root
14. Pentest Tools Online
15. Hacker Tools Apk
16. Hacker Security Tools
17. Android Hack Tools Github
18. Pentest Tools Website Vulnerability
19. Hack Tools 2019
20. Pentest Tools Bluekeep
21. Hacker Tools Apk
22. Pentest Tools Download
23. Best Hacking Tools 2020
24. Hacker Tools List
25. Hacker Tools
26. Hack Tools For Games
27. How To Make Hacking Tools
28. Pentest Tools For Android
29. Nsa Hack Tools