[Full-disclosure] Sending spam via sites and creating spam-botnets
mustlive at websecurity.com.ua
Tue Jul 20 19:50:42 BST 2010
Hello participants of Full-Disclosure!
In continue to my last month's article Using of the sites for attacks on
other sites and my previous article about creating of botnet from
zombie-servers and program DDoS attacks via other sites execution tool
(DAVOSET), I want to draw your attention to another aspect of Abuse of
Functionality vulnerabilities. At the end of last week I wrote new article
Sending spam via sites and creating spam-botnets
(http://websecurity.com.ua/4382/). Which I'll tell you briefly about.
Similarly to using of the sites for attacks on other sites via Abuse of
Functionality vulnerabilities, it's also possible via Abuse of Functionality
to use sites for sending spam.
There are many such vulnerabilities in Internet, which I wrote about many
times, as vulnerable sites, as vulnerable plugins (which used at many
sites). So many sites can be used for sending spam.
Using of Abuse of Functionality for sending spam.
Researching of such vulnerabilities I begun already in 2007. From that time
I found many web sites with such vulnerabilities and also vulnerable plugins
for popular web applications. Particularly such plugins as WP-ContactForm
for WordPress, Contact Form ][ for WordPress and com_alfcontact for Joomla.
Creating of spam-botnets from sites.
Similarly to tools for conducting of DDoS attacks via Abuse of Functionality
vulnerabilities, as for example DAVOSET, in exactly the same way the tools
for mass spam sending can be created. Via multiple Abuse of Functionality
vulnerabilities at different sites. I.e. these vulnerabilities can be used
for creating of spam-botnets with zombie-servers. And taking into account
that spam will be sending from servers of well-known companies, then very
likely that these letters will bypass spam-filters.
Taking into account widespread of Abuse of Functionality vulnerabilities at
the sites, which allow to send spam, and ignoring of sites' admins
of this problem, it's actual. And taking into account that network from
these zombie-servers can be created without wasting of resources (including
financial), as it occurs in classical botnets, then this type of botnets is
very profitable from financial side. So with time spammers can draw
attention at this method of sending spam and at this type of spam-botnets.
If your site will be DDoSed from Google's servers or you will receive spam
from IBM's servers, than you will be knowing what type of botnets it is.
Best wishes & regards,
Administrator of Websecurity web site
Full-Disclosure is hosted and sponsored by Secunia.