Saturday, February 10, 2007

A more thorough explanation of the iFriends Exploit.

Requirements: a web server (Apache 2), Firefox (preferably 2.0), FoxyProxy, and either an account on iFriends or both a Flash decompiler and Macromedia Flash MX.

Download and install Apache 2 from apache.org: http://httpd.apache.org/download.cgi
You probably want the Win32 Binary.

We'll get back to Apache later.

Download and install FoxyProxy. https://addons.mozilla.org/firefox/2464/

Once Firefox has restarted, double-click the FoxyProxy logo in the Firefox tray and then click "Add New Proxy". Make sure "Enabled" is checked and give it the name "iFriends". Then click the "Proxy Details" tab; for "HTTP Proxy", put "127.0.0.1" (without the quotes), and for the port put "80" (again, without the quotes). Next, click the Patterns tab and click "Add New Pattern". Again, make sure "Enabled" is checked. For the pattern name, put "iFriends", and for the pattern put "http?://flash?\.ifriends\.net/.*\.swf.*" (without quotes), and make sure that both "Whitelist" and "Regular Expression" are selected. Click "OK" on each window until all the FoxyProxy windows are gone.

Right-click the FoxyProxy icon and select "Completely disable FoxyProxy". We need FoxyProxy to be off for the next step.

If you have an iFriends account, look for a chathost utilizing EasyCam who has a "Free to Private" session going, and enter that session. Once inside, right-click the page, go to "View Page Info", and select the "Media" tab. Look for a file called "LSChatView.swf"; once you see it in the list, click it, then click "Save As..." and save it somewhere you can find it later.

If you don't have an iFriends account and do not wish to get one, find a chathost utilizing EasyCam and enter their Guest Chatroom. Follow the steps above, but look for a file named "LSChatViewG.swf" instead; this is the Flash file for guest chats. Once you've downloaded this file, you'll need to use a Flash decompiler to decompile it, delete the privacy screen, and recompile it.

Once you have your "LSChatView.swf", rename it to "LSChatViewG.swf" and place it inside your Apache document root. This is usually "C:\program file\apache\htdocs", but you can find out for sure by reading your Apache configuration file. If you've done everything correctly, you should now be able to enter any EasyCam chatroom in "Guest Chat" without a privacy screen to block anything.

Wednesday, February 7, 2007

iFriends.net Exploit allows free viewing of private video chat

First, let me begin: I have attempted to contact iFriends, and given them time to correct this exploit, but they seem uninterested in the problem, and as a thank you to me for pointing this out, they've blocked my IP address, so I cannot verify if they have corrected the issue. I am therefore making this exploit public in order to encourage them to fix the issue. Please be aware that actually exploiting iFriends' system to view hosts' webcams without authorization is NOT encouraged. Chathosts, however, I do encourage you to contact iFriends and demand they fix this, and in the meantime refrain from using the EasyCam method (as it is the only method affected).

Here are the contents of the e-mail I sent to iFriends on Sunday, February 4th:
It has come to my attention that guests have the ability to view private and pay sessions free of charge. This is due to the weak security of the "privacy screen". Using a flash decompiler, one can download the flash used on your website, decompile it, remove the privacy filter, and recompile it... then, using a proxy configured to pass through all traffic, except for the flash files on your end, the person wishing to exploit your system can serve their modified flash files in place of yours. This allows complete and 100% uncensored access to the stream, that does not end when a session is taken private... This uncensored guest access applies to the entire Cat Call platform, plus iFriends.net for any chathost utilizing the flash "EasyCam" software. Since users are guests, all region blocking in place by the chathost is also completely ignored. This is a huge privacy issue, and demands your immediate attention.


This exploit affects the websites iFriends.net, TotallyFreeCams.com, SizzlingCams.com, and IncredibleCams.com. Chathosts are encouraged to stop using the EasyCam method until iFriends has announced a solution.

Let me again make it clear... the reason I am releasing information about this exploit is that I feel that if such an exploit affects the privacy of the chathosts of iFriends.net, those chathosts have the right to know about such an exploit.
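
The root cause described in the e-mail above is that the "privacy screen" is enforced only inside the client's Flash player, while the server keeps delivering the stream. The sketch below is an added example, not code from the original post or from iFriends, contrasting that design with a server-side authorization check. All names (Viewer, Session, Mode, the entitlement and region fields) are hypothetical, and the sample data is constructed.

```python
from dataclasses import dataclass
from enum import Enum

class Mode(Enum):
    GUEST_CHAT = "guest_chat"  # open preview room
    PRIVATE = "private"        # private or pay session

@dataclass(frozen=True)
class Viewer:
    is_guest: bool
    region: str                        # assumed to be derived server-side, not sent by the client
    entitled: frozenset = frozenset()  # session ids this account was admitted to (hypothetical)

@dataclass(frozen=True)
class Session:
    session_id: str
    mode: Mode
    blocked_regions: frozenset = frozenset()

def client_enforced(viewer, session):
    """Flawed model: the stream is always sent; the player is only asked to cover it."""
    hide = session.mode is Mode.PRIVATE and session.session_id not in viewer.entitled
    # Anyone who controls the player can ignore show_privacy_screen.
    return {"deliver_stream": True, "show_privacy_screen": hide}

def server_enforced(viewer, session):
    """Hardened model: the server withholds the stream unless the viewer is authorized."""
    if viewer.region in session.blocked_regions:
        return {"deliver_stream": False, "reason": "region_blocked"}
    if session.mode is Mode.PRIVATE and (
        viewer.is_guest or session.session_id not in viewer.entitled
    ):
        return {"deliver_stream": False, "reason": "not_entitled"}
    return {"deliver_stream": True, "reason": "ok"}

# Constructed sample data: one private session that blocks the placeholder region "XX".
PRIVATE_SHOW = Session("s1", Mode.PRIVATE, frozenset({"XX"}))
GUEST = Viewer(is_guest=True, region="YY")
PAYING = Viewer(is_guest=False, region="YY", entitled=frozenset({"s1"}))
BLOCKED = Viewer(is_guest=True, region="XX")

if __name__ == "__main__":
    for name, v in [("guest", GUEST), ("paying", PAYING), ("blocked", BLOCKED)]:
        print(name, client_enforced(v, PRIVATE_SHOW), server_enforced(v, PRIVATE_SHOW))
```

With the server-side check, a replaced or modified client file changes nothing, because the decision is made before any video data leaves the server.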