We often hear people touting the evilness of DRM, but usually they are talking about the idea of ownership. In this case, DRM is actually causing harm. It turns out that Microsoft’s msnetobj.dll, which is supposed to enforce DRM on your computer by stopping you from doing certain things like saving files you don’t “own”, is open to 3 attacks. Vulnerable to buffer overflow, integer overflow, and denial of service, this sucker is riddled with issues.
The vulnerabilities in this file aren’t groundbreaking. Buffer overflows are a common way into many systems. The problem here, according to some commenters at BoingBoing, is that this DLL is called every time you open a media file.
[via BoingBoing]
Why is this on HaD?
Also RIP milw0rm.com =]
Luckily, nobody here would use such a ridiculous system. Right?
it’s on hackaday because they forgot they aren’t SlashDot again
A bit more detail about when the faulty DLL gets used would be interesting.
Write a virus that uses this vuln and let it remove all DRM-stuff it finds :D
Also, milw0rm has been dead for about a year.
“it’s on hackaday because they forgot they aren’t SlashDot again”
well to be fair slashdot is too busy forgetting they are not macworld so someone has to do it
“… the fact that this DLL is called every time you open a media file”
Then don’t use a player that uses that DLL ;)
Btw, what does this have to do with hacking?
Anyone else remember when Sony opened up PCs to rootkits with their ridiculous music DRM a while back…
Why don’t one of you guys write a fix/exploit for M$’ msnetobj.dll instead of complaining why it’s here, and give Hack-a-day something more to post about?
OMG someone please code a new msnetobj.dll because i don’t want to be able to possess any music that i didn’t pay for and thus legally own the right to play in my own home or car, as long as it is not duplicated and played at a volume where someone who didn’t pay for the song might hear it.
Damn Radio Music.
idk what milw0rm is but i use btjunkie.org for my legal torrenting pleasure and they seem to have been under attack recently or maybe it really is just massive server load from all the traffic that moved to btjunkie after tpb and the others got shut down. i never used any of the ones that got shut down anyway
TPB is online…?
Awwww yaaaaa, metasploit payload on its way comrades, keep up the good work!
yeah it does seem to be online. idk my friend said they got shut down & novatorrent or some shit but i never used TPB because of all the bullshit, i can deal with 2 ads and the ease of use of btjunkie, plus it’s easier to distinguish real from fake
TPB didn’t get shut down. thepiratecity.org was the one that was shut down
“Why is this on HaD?”
Because HaD remembered they aren’t arduinohacks.com
Ok, so you can overflow the buffer…
How is that an exploit? Can I execute code or get remote access?
M4CGYV3R her you can remote access.
remember code red from 2000 and 2001? it was the string from byte 256 or 257 and on in a web page url.
the iis servers did not check the length of the buffer.
now that has been solved because sites like ebay allow very long urls by the time you get lots of excluded keywords in there.
so why couldn’t they do it again and check the length of the buffer whether it is a text entry field like this comment box or the length of the file and not allow it to run.
It’s funny really, I can’t seem to find msnetobj.dll on my computer, maybe it’s hiding in /lib?
@sexiewasd
i did a “locate msnetobj.dll” and still can’t seem to find it either
@sexiwasd
Are you running as root?
Maybe you should try running updatedb first?
If you still can’t find it I’ll bet Richard Bloody Stallman stole it!
@sexiwasd
try
#updatedb
first
if it still doesn’t turn up – blame Richard Stallman
@spit – That’s St. Stallman to you! :)
As for not finding it, w7 is particularly authoritarian in hiding files, it’s located in windows/system32 as well as windows/syswow64 if you run a 64bit flavor.
And as for not using a player that uses it, that would not work since then you still have the preview icon that’s created by windows, so you’d have to remove previews again (again since windows had similar issues twice already)
And even then, most players that have their own codecs still fall back to windows stuff when meeting some formats.
I have my own question to add: Did anybody at MS ever code anything with some kind of check on the input to stop buffer overflow? Or did gates fire you if you showed competence?
@spit He’d delete it not steal it.
Another good reason to switch to Linux. On my last computer build I used Ubuntu and then I switched my server to Debian. Next I switched my kitchen computer to Linux Mint and I am now Microsoft free. There was a big learning curve after running Windows for so many years so I look at that as a “hack”. Well worth the effort, give it a try.
for the love of god!!! … stop posting this …
they will fix it.. muahahahha :P
or we think