
Thanks uBlock Origin!


Posted Aug 8, 2024 22:37 UTC (Thu) by GCMorGoHome (subscriber, #151226)
In reply to: Thanks uBlock Origin! by saffroy
Parent article: 0.0.0.0 Day: Exploiting Localhost APIs From the Browser (Oligo Security)

Thank you for verifying.

I decided to dig into this as well and found uBlock ships with an optional filter list under the "Privacy" section called "Block Outsider Intrusion into LAN". You can find the source on GitHub (https://github.com/uBlockOrigin/uAssets/blob/master/filte...) or in your uBlock settings if you have it installed.

I enabled this filter list and will see if anything breaks.



Thanks uBlock Origin!

Posted Aug 8, 2024 22:55 UTC (Thu) by Heretic_Blacksheep (guest, #169992)

Yeah, the rule isn't turned on by default. You have to manually enable it. Doing so will probably break some forms of cloud-based control over devices on LANs, hence the default. It's also not entirely clear if the uBlock rule fully mitigates exploitation. In order to activate the rule, someone has to load the web page that contains the exploit rather than never allowing the functionality to begin with.

The problem isn't new. It was first pointed out to Mozilla in a bug report around 18 years ago. As others have pointed out, however, this isn't an easy fix because cloud-based remote management over local resources via web browser is convenient, yet there's no easy and secure way to do it. All real implementations appear to involve nasty hacks and kludges.

