Log4 bad for Freenet?

[coderman]

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Thursday, December 16, 2021 6:59 PM, professor rat <pro2rat at yahoo.com.au> wrote:

> https://www.lawfareblog.com/whats-deal-log4shell-security-nightmare
>
> Java bug scaring the Beejesus out of a lot of folks


leveraging LDAP for lulz, it's pretty funny :P

---

long long ago, someone leveraged webdav for Tor exploit
(map your log, hidden service, etc. to webdav remote :)

have to love these WTF vuln chains :P~


best regards,

---

https://archives.seul.org/or/announce/Sep-2007/msg00000.html

n Thu, Aug 02, 2007 at 06:19:18PM -0400, Roger Dingledine wrote:
> Tor 0.1.2.16 fixes a critical security vulnerability that allows a
> remote attacker in certain situations to rewrite the user's torrc
> configuration file. This can completely compromise anonymity of users
> in most configurations, including those running the Vidalia bundles,
> TorK, etc. Or worse.

Here are the further details that we promised:

In a nutshell, a malicious website or Tor exit node can give the Tor
user a page that includes a POST element directed to Tor's control port
(localhost:9051). Tor binds its control port only to localhost to avoid
letting untrusted people send it commands, but the attacker skips past
this protection by making the browser do the connection. And the user
doesn't even have to click on anything if she's got javascript enabled.

This particular attack worked because Tor's control protocol gave an
error message on unrecognized commands but didn't hang up. So all the
http headers from the POST were unrecognized commands, and eventually
we got to the payload -- which contains recognized commands -- and it
went bad from there.

[ EDITOR'S NOTE: the bad from there was mapping your local service ports to an onion, storing that onion key and hostname on attacker webdav server, and then joining the rogue Tor network with your private internal network now mapped to attacker address space... :]