Socket shield Exploit test

Discussion in 'other anti-malware software' started by aigle, Jul 12, 2006.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Anybody tried the exploit tset from sicket shield makers.

    http://test.socketshield.com/

    I ran the test with IE, Opera and Firefox but got same results with or without socket shield.
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    using firefox, socketshield didnt block the test.

    using internet explorer and ietab tho, and socketshield did block it.
     
  3. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Works on FireFox here.

    Gerard
     

    Attached Files:

    • xpl.gif
      xpl.gif
      File size:
      36 KB
      Views:
      758
  4. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I don,t get red box even without socket shield as they stated.
     
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,
    What a joke. I tried this in Firefox without javascript and Off By One browser, which does not support javascript, and I still saw the alert... although not as a popup but a separate page, but still, it's a joke.
    Mrk
     
  6. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    That would be because it filters the traffic before it reaches your browser, as it passes though Winsock, so that it can filter traffic for any application. Why would that be "a joke"?
     
  7. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,
    How can it exactly filter traffic that comes through winsock?
    I don't even have socketshield installed.
    I'm complaining about the test itself not socketshield.
    Mrk

    P.S. It says your computer would have been exploited by just visiting this page. How exactly? By showing you a long string in a box?

    P.S.S. Of course, when the test link is an html page, then it's not surprising that when you click the link you go to the page. Woo-hooo.
     
    Last edited: Jul 13, 2006
  8. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    its just a test Mrkvonic. the string of text is representative of malicious code.

    also the test is meant for socketshield users.
     
  9. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Sorry, that's what I get for posting so late at night :doubt: (I thought you meant you were running SocketShield and felt you shouldn't be seeing SS work at all). Nonetheless, as WSFUser noted, it's for SocketShield users to see how SS would work, and that it is working properly. If the code isn't being replaced by a SS "blocked" message, you just wouldn't see it. This doesn't actually seem to be an exploit, though, just an inline frame that uses CSS, to show that it could potentially contain an exploit. Note that this also appears to be a CSS test, not javascript. :)
     
    Last edited: Jul 13, 2006
  10. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    As nice as SocketShield seems, i can't make use of it as it's for XP etc. I tried the test with IE as usual and Active Scripting disabled, and got nothing but a blank page. Tried again with AS enabled and saw the alert notice, but only after pausing my PopUpBlocker.

    It's interesting that this test might employ CSS bypassing methods, instead of purely using javascript to work. But either way for me it only works with AS enabled !


    StevieO
     
Loading...
Thread Status:
Not open for further replies.