Category: Blog

VLC Vulnerability – Tempered Subtitles can give complete control of the system remotely

Posted on by admin

Subtitle Hack Leaves 200 Million Vulnerable to Remote Code Execution

Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and Strem.io.

It’s common to see subtitle files (usually a .srt or .sub) included in torrents and other less-than-legal movie downloads, so people tend to simply ignore them. You can load this file into most video players to display subtitles in the chosen language synced to the video. Check Point says that there are roughly 200 million installations of video players vulnerable to this exploit including VLC, Kodi, Popcorn-Time, and Stream.io.

Details can be found here:

Solution: Download Subtitle Hack Fix

Check Point researchers contacted the developers of the affected media players in April 2017. Thankfully, the security patches have been released.

In the case of VLC, the attacker can leverage a memory corruption bug. The media player had four vulnerabilities (CVE-2017-8310, CVE-2017-8311, CVE-2017-8312 and CVE-2017-8313) which have been fixed by VideoLan.

A fix for VLC is available as the latest version 2.2.5.1 which is present on the VideoLan website. The same is the case for Stremio.

SambaCry Vulnerability – Remote Code Execution Vulnerability in Linux

Posted on by admin

SambaCry – Remote Code Execution Vulnerability

A seven-year-old remote code execution vulnerability that is affecting Samba versions 3.5.0 and higher is making news this week. The vulnerability is billed as the WannaCry equivalent for *nix operating systems, and some are even calling it SambaCry since it affects the SMB protocol implementation and is potentially wormable, which can cause it to spread from system to system.

A malicious Samba client that has write access to a Samba share could use this flaw to execute arbitrary code, typically as root.

Points:

  • CVE-2017-74942 has a CVSS score of 7.5 (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
  • This vulnerability is the Linux version of WannaCry, appropriately named SambaCry. A malicious Samba client that has write access to a Samba share could use this flaw to execute arbitrary code, typically as root.
  • The flaw allows a malicious client to upload a shared library to a writable share and then cause the server to load and execute it with the privileges of smbd (typically root).
  • This flaw affects all versions of Samba from 3.5.0 onwards, except for the most recent releases of Samba 4.6.4, 4.5.10, and 4.4.14.

Exploit Samba Vulnerability:

https://github.com/opsxcq/exploit-CVE-2017-7494

Solution:

Updating Samba will fix this vulnerability.

One step towards changing the world

Posted on by admin

Research Team is working to make this place better and safer

Once upon a time, an old man walked down a Spanish beach at dawn, he saw ahead of him what he thought to be a dancer. The young man was running across the sand, rhythmically bending down to pick up a stranded starfish and throw it far into the sea.

The old man gazed in wonder as the young soul again and again threw the small starfish from the sand into the water. The old man approached him and asked why he spent so much energy doing what seemed a waste of time. The young man explained that the stranded starfish would die if left until the morning sun. “But there are thousands of miles of beach, and miles and miles of starfish. How can your effort make any difference?” The young man looked down at the small starfish in his hand, and as he threw it to safety in the sea, said, “It makes a difference to this one!”

Our research team is doing the same work in the ocean of websites. Their efforts are definitely making a difference to one.

Web security is as much essential as web development these days, but many web-based applications are not taking it seriously. You are not mugged till now, it doesn’t mean robbers do not exist. Our security research and analysis team picks random servers from the internet and finds the vulnerabilities. They act like ethical hackers and inform them about vulnerabilities.

One of the vulnerabilities we found was in the site asapp.com. Asapp is built by a team of leading scientists, software engineers, and designers. We reported them and got a reply from their young and dynamic founder and advisor Marcus Westin. First he did not believe, but when we showed him proof, he was surprised. He wanted to know how it was possible for us to hack into their system. Our security researchers not only showed him the steps, they also suggested their team fix the vulnerability.

Another incident was with the site mypokert.com. It is a site to play poker online. When we sent an email about their vulnerable site, they did not believe, but two months later we got an email from site owner Kirill about their site being hacked, and it was exactly the same way we mentioned in the mail. But now it was too late. Their data could not be recovered. The hacker dropped all the databases.

When they asked for our help, we provided solutions to make their site more secure and robust on the security front.

Security Header – Ignored X-Frame Options

Posted on by admin

What is Clickjacking

Clickjacking is a malicious technique that tricks a web user into clicking on something different from what they perceive, potentially revealing confidential information or allowing attackers to take control of their computer while interacting with seemingly harmless web pages.

For example, an attacker may create a web page with a button labeled “Click here for a free iPod.” On top of this page, the attacker places an invisible iframe containing the user’s email account, aligning the “delete all messages” button directly over the “free iPod” button. When the user clicks the “free iPod” button, they actually trigger the “delete all messages” action. This hijacking of user clicks is why the technique is called Clickjacking.

The risk arises when a server does not return an X-Frame-Options header. This HTTP header indicates whether a browser is allowed to render a page in a <frame>, <iframe>, or <object>. By using it, sites can prevent clickjacking by ensuring their content is not embedded in other sites.

X-Frame-Options Header

Set the X-Frame-Options header for all responses containing HTML content. The possible values are:

  • DENY – Prevents any domain from framing the content. Recommended unless framing is specifically needed.
  • SAMEORIGIN – Allows only the current site to frame the content.
  • ALLOW-FROM uri – Permits the specified URI to frame the page (e.g., ALLOW-FROM http://www.example.com). Note: this may fail if the browser does not support it.

Examples of Configuration

Apache:

Header always set X-Frame-Options SAMEORIGIN
Header set X-Frame-Options DENY
Header set X-Frame-Options "ALLOW-FROM https://example.com/"

Nginx:

add_header X-Frame-Options SAMEORIGIN;

IIS: Add the following to your site’s Web.config file:

<system.webServer>
  <httpProtocol>
    <customHeaders>
      <add name="X-Frame-Options" value="SAMEORIGIN" />
    </customHeaders>
  </httpProtocol>
</system.webServer>

Using the X-Frame-Options header properly helps protect your website from clickjacking attacks.

Who’s using React js?

Posted on by admin

ReactJS: Transforming Modern Web and Mobile Applications

The digital world is evolving rapidly, and keeping up with trends can be challenging. However, industry leaders are continuously adapting to new technologies and frameworks. Major apps like Facebook, Instagram, Netflix, and others are constantly enhancing their user experience and embracing innovative solutions.

Recently, ReactJS has gained significant attention due to its impressive features and versatility. For those unfamiliar, ReactJS offers numerous advantages that have made it extremely popular among developers. Its lightweight representation of the document (Virtual DOM) allows for highly efficient and dynamic web applications, similar to frameworks like NodeJS and other JavaScript tools.

The proof of ReactJS’s popularity can be seen in the major apps that rely on it. Here are some of the most impressive applications built with ReactJS:

Facebook

  • Utilizes dynamic charts that render to <canvas> instead of HTML.

Instagram

  • Uses React for geo-location features, Google Maps APIs, and improving search accuracy.
  • Built as a single-page web app entirely with React.

Netflix

  • Implements React in their platform Gibbon, designed for low-performance TV devices.
  • Benefits include improved startup speed, runtime performance, and modularity.

New York Times

  • React powers interactive galleries, allowing users to filter photos spanning 19 years.
  • Efficient re-rendering enhances user experience.

Khan Academy

  • Many parts of the platform are currently built using ReactJS.

WhatsApp

  • Uses ReactJS for building user interfaces, along with Underscore.js and Velocity.js.
  • The all-new WhatsApp Web app leverages React for seamless functionality.

If your web or mobile application aims to leverage modern technologies and deliver a superior user experience, investing in ReactJS or React Native is highly worthwhile.

Security Header : Why X-XSS Protection is important

Posted on by admin

What is X-XSS Protection?

The HTTP X-XSS-Protection response header is a security feature supported by Internet Explorer, Chrome, and Safari that helps prevent pages from loading when a reflected cross-site scripting (XSS) attack is detected.

This header activates the built-in XSS filter in most modern browsers. It is typically enabled by default, but this header ensures the filter is active for a specific website even if a user has disabled it. The header is supported in IE 8+ and in Chrome (since Chrome 4, although support for the header may vary in older versions).

Header Values and Behavior:

  • X-XSS-Protection: 0 – Disables the XSS filter.
  • X-XSS-Protection: 1 – Enables the filter; scripts coming from the request are filtered, but the page still renders.
  • X-XSS-Protection: 1; mode=block – Enables the filter and, when an attack is detected, blocks the page from being rendered entirely.

Examples of Implementation:

Django:

SECURE_BROWSER_XSS_FILTER = True

Nginx:

add_header X-XSS-Protection "1; mode=block";

Apache:

Header always set X-XSS-Protection "1; mode=block"

Important Considerations:

While the XSS filter can provide a layer of defense, it is not foolproof. There are known bypasses, and the filter may have limitations in certain contexts. Relying solely on the X-XSS-Protection header is not sufficient for comprehensive XSS prevention; proper input validation and output encoding are essential.

References and Further Reading:

10 Interesting facts about OpenOffice

Posted on by admin

History and Evolution of OpenOffice and LibreOffice

  • OpenOffice.org (OOo), commonly known as OpenOffice, was an open-source office suite derived from the earlier StarOffice. The project has since been discontinued.
  • In August 1999, Star Division was acquired by Sun Microsystems for $59.5 million, a cost-effective alternative to licensing Microsoft Office for its 42,000 staff.
  • Sun Microsystems open-sourced OpenOffice in July 2000 as a competitor to Microsoft Office, with version 1.0 released on May 1, 2002.
  • After acquiring Sun Microsystems in January 2010, Oracle Corporation continued developing OpenOffice.org and StarOffice, renaming it Oracle Open Office. In September 2010, many external developers left due to management concerns, forming The Document Foundation (TDF), which released the fork LibreOffice in January 2011. Most Linux distributions, including Oracle Linux, soon adopted LibreOffice.
  • In April 2011, Oracle ceased development of OpenOffice.org and disbanded the remaining Star Division team. The reasons were not publicly disclosed, but speculation points to community migration to LibreOffice and commercial considerations.
  • By June 2011, Oracle announced it would no longer offer a commercial version of OpenOffice. They contributed the OpenOffice.org trademarks and source code to the Apache Software Foundation, which re-licensed it under the Apache License.
  • The project joined the Apache Incubator on June 13, 2011. Oracle’s code drop was imported on August 29, 2011. Apache OpenOffice 3.4 was released on May 8, 2012, and the project became a top-level Apache project on October 18, 2012.
  • By December 2011, the project was referred to as Apache OpenOffice.org (Incubating). In 2012, the name Apache OpenOffice was officially adopted.
  • LibreOffice is a free and open-source office suite developed by The Document Foundation, forked from OpenOffice.org in 2010.
  • The LibreOffice beta was announced on September 28, 2010. Between January 2011 (first stable release) and October 2011, it was downloaded approximately 7.5 million times. From May 2011 to May 2015, LibreOffice recorded 120 million unique downloads, with 55 million occurring between May 2014 and May 2015, excluding Linux distributions.
This refined content provides a clear, chronological understanding of the transition from OpenOffice to LibreOffice and their development milestones.

webRTC – Future is Here

Posted on by admin

What is WebRTC?

WebRTC (Web Real-Time Communication) is an API developed by the W3C and standardized by the RTCWEB IETF group, designed to enable peer-to-peer communication directly between web browsers. This communication can handle multiple types of data, including video, audio, and files.

Why WebRTC is Important

WebRTC allows browsers to establish direct channels for video and data communication without requiring external plugins or software. It is built into major browsers like Chrome, Firefox, and Opera, providing a seamless real-time experience for users.

How WebRTC Works

WebRTC relies on three core components:
  • getUserMedia – Grants access to a device’s camera and microphone for capturing video and audio.
  • RTCPeerConnection – Facilitates audio-video calls between devices.
  • RTCDataChannel – Enables peer-to-peer data exchange between devices.
By leveraging these components, WebRTC establishes direct connections between devices, allowing efficient real-time communication.

WebRTC and iOS Support

WebRTC has long been supported by many browsers, but Apple’s support was delayed. Safari 11 added WebRTC support through WebKit, but on iOS, WebRTC is not fully native. While Android users can build fully native WebRTC apps, iOS limitations (with its 43% US market share) present challenges for browser-based communication apps on mobile platforms.

How WebRTC Works

WebRTC has a wide variety of use cases:
  • Hangouts, Snapchat, WhatsApp – Real-time video and voice calling.
  • Bank of America – Video chat support for ATMs.
  • PeerCDN – File sharing across large networks.
  • Robotics – Remote control of devices using WebRTC’s data channels.
The main reason for its adoption is that browser-to-browser communication reduces server costs significantly, sometimes by up to 90%, making it ideal for real-time applications.

Splendornet and WebRTC

At Splendornet, we have been leveraging WebRTC for years to build efficient real-time applications. Our implementations include:
  • Web-based multi-user video conferencing
  • Mobile audio-video chat systems
  • Advanced features like bandwidth control, multiple peer connections, and canvas/video element streaming

Examples of WebRTC Applications We Implemented:

  • Using getUserMedia with canvas and CSS filters
  • Streaming from a video element to another video element
  • Streaming from a video element to a peer connection
  • Recording streams from a canvas element
  • Dynamically changing bandwidth
  • Managing multiple peer connections simultaneously
  • Displaying peer connection states
  • Using Web Audio output as input to peer connection
  • Using peer connection as input to Web Audio
  • RTCDataChannel for data exchange
WebRTC enables highly efficient, real-time communication and has been successfully integrated into many of our projects, delivering smooth and reliable user experiences.

10 Interesting Facts about Mysql

Posted on by admin

History and Evolution of MySQL and MariaDB

  • MySQL was created by the Swedish company MySQL AB, founded by David Axmark, Allan Larsson, and Michael “Monty” Widenius.
  • The name MySQL comes from Monty Widenius’s daughter My, giving the database its distinctive name.
  • The first version of MySQL was released on 23 May 1995. It was initially developed for personal use and was based on mSQL, using the low-level ISAM storage format, which the creators found too slow and inflexible.
  • MySQL is written in C and C++, and its SQL parser is implemented using yacc.
  • In January 2008, Sun Microsystems acquired MySQL AB for $1 billion, marking a major milestone in its history.
  • In January 2010, when Oracle Corporation acquired Sun Microsystems, Monty Widenius forked the open-source MySQL project to create MariaDB, driven by concerns over Oracle’s control of MySQL. MariaDB is based on the same code base as MySQL Server 5.5 and was designed to remain highly compatible with Oracle’s MySQL versions.
  • On the same day Oracle announced the acquisition of Sun, Widenius launched MariaDB and was joined by many MySQL developers who moved with him to the new project.
  • MariaDB is named after Monty Widenius’s younger daughter Maria, mirroring the naming origin of MySQL.
  • A global movement to “Save MySQL” was initiated by Monty Widenius in opposition to Oracle’s acquisition. A petition signed by over 50,000 developers and users urged the European Commission to block the acquisition.
  • MariaDB incorporates only released versions of MySQL into its main development branch and serves as a binary drop-in replacement for corresponding MySQL versions. For example:
  • MySQL 5.1 → MariaDB 5.1 (also compatible with MariaDB 5.2 and 5.3)
  • MySQL 5.5 → MariaDB 5.5 and, in practice, MariaDB 10.0
  • MySQL 5.6 → MariaDB 10.0
  • MySQL 5.7 → MariaDB 10.2

This refined overview highlights the origins, evolution, and close relationship between MySQL and MariaDB.

Awards & Recognition's

Let's Discuss Your Project!

Share the details of your project like scope or business challenges. Our team will carefully study them and then we’ll figure out the next move together.