Neo7's Cheat Happens Blog
Cheat Happens Game Cheats and Wallpapers
Cheat Happens Game Cheats and Wallpapers
 
Cheat Happens Game Cheats and Wallpapers
 
     TRAINERS       REQUESTS       GAME REVIEWS       GAME WALLPAPERS       BOARDS
-OR-
 
     
 

Neo7
EnsignN7@gmail.com

Rank: MODERATOR  
Member Since: Jan 17, 2004
Last Visit: Jul 30, 2014
Location: Japan
Message Boards Postcount: 8023
 
view blog comments  
  view all board posts  new private message
add to address book  add to my friends
 
     
       
   BLOG ENTRIES,  SEPTEMBER 2012:  SUBSCRIBE TO THIS BLOG (100 subscribers) 
 


Strongly encouraged to uninstall Java
posted 9/29/2012 11:19:48 PM

Unless you absolutely need (read: have an application you use on a regular basis that requires it) Java then it is highly recommended that you uninstall Java as soon as humanly possible.

Link

This is the third zero-day exploit that has been found within 3 months which is highly unusual for any large piece of software. Despite the previous patch to guard against the exploit I described earlier, this one affects all versions of JRE and a patch to cover all points is nowhere in sight. I'm starting to see some very poor development choices that were made in the past that require some extensive reparing which will take a long time.

So my advice is to remove Java and if you are dependent on Java then I strongly recommend you find an alternative solution to whatever it is you're using or doing that doesn't rely on Java. If you cannot accept living without Minecraft then at the very least disable Java plugins in everything else (especially the browser).

   
   5 comments 
 


Java Exploit - Technical Details
posted 9/2/2012 4:02:17 PM

So you've probably seen the Java Exploit topic I've posted about on General Discussions but lets go into some of the technical details about how this exploit works just for fun.

First let's get an understanding of how JRE 7's inner workings in terms of security:

The Java runtime has it's own management system for security but will always defer to the OS's management before using its own. Security in this context refers to the privilege that the Java program is allowed to run at. It can be thought in the same way of security clearances in real life in that some people have clearance to view confidential documents but not secret documents. On a computer, there are typically 2 different clearances: Standard and Administrator. 99% of Java programs on the web do not require an Administrator clearance and will run on a standard clearance which does not require the user to enter credentials.

Now lets say that the user in question does not like User Account Control and has it disabled. This is a common scenario but now that the security management engine in Windows is now disabled (and everything runs with an Administrator clearance), Java's own internal security management will run in an attempt to put a buffer between programs trying to run too many privileges. It usually runs in the same manner but with it's own security levels and will properly ask if you want to run something that requires a little more power.

Now that we have an understanding of the basics behind Java and what the exploit abuses lets get into the fun stuff.

Java has a method called execute which is to go out and find the method that the program or user wants to execute. This requires a little more clearance than usual in order to start programs up so this method and allows certain other functions to run with a better clearance through a process called reflection. One of these privileged methods is known as the getField function which gets arguments required by other methods (that is input required for those methods to do stuff).

This getField also has special bypassing functions and one in specific known as the setAccessible function which does what it says (makes whatever accessible).

So an attacker will abuse this daisy chain to use the 'execute' method to find the getField method which grabs the setAccessible command and runs that on Java's internal Security Management interfaces to overwrite the privileged level to the highest available. Once this is done, the attacker has full access to run any code he wants without anything standing in his way. It does not matter if your plugins are configured to ask if you want to run this Java program as it never works on the highest available clearance. The only blocking method that I know would be the NX bit (known as Data Execution Prevention on Windows) which is hardware level protection that security management cannot overwrite.

And of course once the attacker has the privileges, all he has to do is write a program that does bad stuff to your computer. Since Java exists everywhere, it can be used to attack Windows, Mac, Linux, etc.

   
   6 comments 
  Previous Page     Next Page
 
 VIEW MORE BLOG ENTRIES
2014
 JANUARY (1)
 FEBRUARY (1)
 MARCH (1)
 APRIL (1)
 MAY (1)
 JUNE (1)
 JULY (1)
 SHOW OLDER BLOGS
2013
2012
2011
2010
2009
2008
2007
 
2943 users online.
2823 guests / 120 members.
 
       
 
Trainer Troubleshooting Guide        Cheat Terms and Tutorials        Anti-Virus Notifications        Site Help / FAQ        Submit Cheats        Our Friends and Affiliates        About Us
      Copyright © 2001 - 2014  webworks, LLC  All Rights Reserved    -   DISCLAIMER    -   PRIVACY POLICY    -   TERMS OF SERVICE