API tools faq
paste
Advertisement
Hex00010

Linux Mint - Domain Blocker - MintNanny - Hex00010

Hex00010
Jul 13th, 2012
520
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.25 KB | None | 0 0
raw download clone embed print report
  1. Im bored and decided to login to my Linux Mint - Default Install - LiveCD
  2.  
  3. I was roaming around looking at default applications that are installed
  4.  
  5. Now i know your thinking this is gonna be something cool to read - Well its not lol its just a flaw i found while reviewing the code for this particular application.
  6.  
  7.  
  8.  
  9. ---------------------------------------------------------------------------------------------
  10.  
  11.  
  12. What Im using - So you can see for your self
  13.  
  14. Download Linux Mint - I installed it with unetbootin for LiveCD
  15.  
  16. open up application name " Domain Blocker "
  17.  
  18. Domain Blocker blocks websites inputted by the System Admin to block sites from people to access.
  19.  
  20. While This Software is Heavily Not Recommended to be used in Live Production But then again there might be Some Places that might just use this - God forbid them using it But hey its whatever
  21.  
  22.  
  23. ----------------------------------------------------------------------------------------------
  24.  
  25. Anyways im just writing this up to make my already pastebin account even more l337er with more computer related Security Flaws
  26.  
  27. ppl post lame ass techniques for lame ass SQL's for web applications
  28.  
  29. Welll think of this like that except its used on default installations of Linux Mint - So its better xD
  30.  
  31. --------------------------------------------------------------------------------------------
  32.  
  33. Anyways mintNanny Does not Properly Check Security Restrictions Based off user's that input data into its software.
  34.  
  35. When you block a site - the Domain or IP is added into the /etc/hosts file | * Also it replicates its own pre-defined name to be placed in /tmp*
  36.  
  37. * Cough Cough Use your imagination with the /tmp/File_name * :)
  38.  
  39.  
  40. -----------------------------------------------------------------------------------------------
  41.  
  42.  
  43. Severity of this? Most if not everyone shouldnt have to worry about this - But then again there might be some little kid trying to go to a certain website at school or some shit and he just so happens to find out that Domain Blocker requires no Security Restrictions to enable or disable websites that are blocked by its software
  44.  
  45.  
  46.  
  47.  
  48.  
  49.  
  50. Twitter: https://twitter.com/Hex000101
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!