Adblock(Plus), uBlock Filters Can Be Exploited to Run Malicious Code

Status
Not open for further replies.
An exploit has been discovered that could allow ad blocking filter list maintainers for the Adblock Plus, AdBlock, uBlock and uBlocker browser extensions to create filters that inject remote scripts into web sites.
With ad blockers having a user base of over 10 million installs, if malicious scripts were injected it would have a huge impact as they could perform unwanted activity such as stealing cookies, login credentials, causing page redirects, or other unwanted behavior.

https://www.bleepingcomputer.com/ne...lters-can-be-exploited-to-run-malicious-code/

uBlock Origin seems unaffected as it doesn't use the $rewrite-function.
https://tweakers.net/nieuws/151612/...rs-zijn-te-misbruiken-voor-code-injectie.html
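
The post above ties the issue to the `$rewrite` filter option. One way to audit a filter list for rules that use it, as an added example that is not part of the original thread or any extension's own parser: the sample list is constructed, and the `pattern$option,option=value` layout and case-insensitive option names are assumptions about Adblock-style syntax.

```python
import re

# Constructed sample list (not from the thread); hosts and targets are placeholders.
SAMPLE_LIST = r"""[Adblock Plus 2.0]
! Title: constructed sample list
||ads.example.com^$script,third-party
example.com##.banner
/banner\d+$/
||static.example.net^$xmlhttprequest,rewrite=/placeholder-target
@@||example.org^$document
||cdn.example.net^$REWRITE=/other-placeholder,domain=example.net
"""

# Element-hiding separators (##, #@#, #?#, #$#): such rules carry no request options.
COSMETIC = re.compile(r"#@?[?$]?#")
# One option: optional "~" negation, a name, optionally "=value".
OPTION = re.compile(r"~?[A-Za-z0-9_-]+(=.*)?")


def parse_options(rule):
    """Return the option strings of a network filter, or [] if it has none."""
    rule = rule.strip()
    if not rule or rule[0] in "![" or COSMETIC.search(rule):
        return []  # blank line, comment, list header or cosmetic rule
    # A "$" can also appear inside a regex pattern or an option value, so take
    # the leftmost "$" whose remainder parses as a well-formed option list.
    pos = rule.find("$")
    while pos != -1:
        opts = rule[pos + 1:].split(",")
        if all(OPTION.fullmatch(o) for o in opts):
            return opts
        pos = rule.find("$", pos + 1)
    return []


def find_rewrite_rules(list_text):
    """Return (line number, rule, rewrite target) for every rule using rewrite."""
    hits = []
    for lineno, rule in enumerate(list_text.splitlines(), start=1):
        for opt in parse_options(rule):
            name, _, value = opt.partition("=")
            # Compare case-insensitively so the audit errs towards flagging.
            if name.lower() == "rewrite":
                hits.append((lineno, rule.strip(), value))
    return hits


if __name__ == "__main__":
    for lineno, rule, target in find_rewrite_rules(SAMPLE_LIST):
        print(f"line {lineno}: rewrite target {target!r} in {rule}")
```

Running the same function over each subscribed list after every update shows when a rule using this option first appears.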
 
Another reason to get uBlock Origin, it's not like the alternatives were that great to begin with.
 

FreedomEclipse

Good thing I switched to uBlock Origin a long time ago. I made the switch when Adblock started taking payments to allow ads from certain companies or on certain websites -- Nope. I use an adblocker to block ads, not carry on allowing them to pop up.
 
> Good thing I switched to uBlock Origin a long time ago. I made the switch when Adblock started taking payments to allow ads from certain companies or on certain websites -- Nope. I use an adblocker to block ads, not carry on allowing them to pop up.

Yeah that sealed the deal for me too, I used to have ABP until they announced that. It's so fundamentally wrong for an adblocker to start accepting payments to filter certain things and allow others.
 
Seriously, the guy developing uBlock Origin is awesome. Presence in almost every browser out there and he/she doesn't even take a dime. He doesn't even wanna take donations so as to not get attached to what he considers a hobby. I'm gonna be sad the day he abandons it :(
 
I recommend using a Pi to run the home DNS server "PiHole". It can use the uBlock Origin lists and many others.
It uses some of the same domain lists, but PiHole and uBO are two entirely different animals that complement each other. Most of uBO's lists by their nature do not work in PiHole. PiHole is a DNS blocker that can only block whole domains, while uBO is an element blocker - it can block certain elements from a particular domain while allowing others. This is why uBO can block, for example, inline ads on YouTube while PiHole cannot.
 
Imagine if there was a browser, that was like incredibly fast, free and has a built in blocker for ads and tracking.
Imagine if the founder of Mozilla would make such thing and call it like "brave" or something, and using it will make Chrome and FF look like a joke
 
> Imagine if there was a browser, that was like incredibly fast, free and has a built in blocker for ads and tracking.
> Imagine if the founder of Mozilla would make such thing and call it like "brave" or something, and using it will make Chrome and FF look like a joke

Not the same. One of them has a 3rd party and the other has already built in its own engine source when it was established.
 
THX, changed to ublock.
 
nice catch, thanks for the heads up!
 
Any plugin you use with your browser could be exploited....
 
Not easily. This has to do with the way plugins are run by the browser.

If you wanted to create it to leave a backdoor, it's easy.

You need to be wary of all plugins you use. People can just be too trusting of software devs.
 
> If you wanted to create it to leave a backdoor, it's easy.

While that is true, the plugin vulnerability would soon be discovered and removed. Additionally, it is a serious crime in most countries to deliberately engineer such a backdoor into software.
 
Go talk to Intel about that.

Or Belkin, or a whole host of other companies that left exploits open for the alphabet agencies dude.

Not hard to deny it, even harder to prove it was deliberately put in place :/
 
> Go talk to Intel about that.
>
> Or Belkin, or a whole host of other companies that left exploits open for the alphabet agencies dude.
>
> Not hard to deny it, even harder to prove it was deliberately put in place :/

Why deliberately engineer a backdoor in when it's easier to just find one in there from careless devs? People exploit vulns perfectly well enough without needing to spend lots of time and effort crafting malicious code that needs to go through code review, fuzzing and a whole host of security-related layers, and reveal specific sources.
 
> Why deliberately engineer a backdoor in when it's easier to just find one in there from careless devs? People exploit vulns perfectly well enough without needing to spend lots of time and effort crafting malicious code that needs to go through code review, fuzzing and a whole host of security-related layers, and reveal specific sources.

This is actually usually how it goes. Backdoors aren't built, they're just left open and the key is passed on to someone who knows how to keep a secret. Everybody happy and none the wiser... until it comes out.
 
> This is actually usually how it goes. Backdoors aren't built, they're just left open and the key is passed on to someone who knows how to keep a secret. Everybody happy and none the wiser... until it comes out.

And that's why we like open-source software and tools like fuzzers and so on: it lets us find and fix those vulns faster and easier. Usually, anyways...

Overall the NSA, CIA and friends' intrusion teams (seem to) work independently from the defensive teams and the more conscientious parts of the industry and tell nothing. The defensive side, on the other hand, do their damnedest to get info to devs for fixes to come out ASAP... to varying degrees of success depending on the vendor.
 
Usually a junior dev can afford to work for free.
But after a while life gets in the way and he needs to work to pay bills. At that point, if he is good, he is recruited by any of the "evil" companies.
So all in all the open software people are not better than the "other" people, because... they evolve into them. That's life.
 
> Additionally, it is a serious crime in most countries to deliberately engineer such a backdoor into software.

Actually, I'm unaware of any actual laws against it, provided such a backdoor was not made with malicious intent.

> So all in all the open software people are not better than the "other" people, because... they evolve into them. That's life.

Tell that to Stallman & Linus. I think they must've missed your memo.

> At that point, if he is good, he is recruited by any of the "evil" companies.

Also kinda false because you HAVE to be good to get an open source project of any scale to accept a commit. They are generally C, which is a helluva language, and have submission standards that make my eyes water today.

> Backdoors aren't built,

A "backdoor" is, by definition, an intentionally engineered back entrance. They aren't just bugs. So of course they are intentional, what might be unintentional is leaving them in the final retail build...
 