mailing list archives
From: Dave Aitel <dave () immunityinc com>
Date: Thu, 21 Mar 2013 12:34:11 -0400
Angel <http://en.wikipedia.org/wiki/Angel_%28Buffyverse%29>: And
Buffy, be careful with this gift. A lot of things that seem strong
and good and powerful, they can be painful.
Buffy <http://en.wikipedia.org/wiki/Buffy_Summers>: Like, say...
Angel: Exactly. I'm dying to get rid of that.
We put the 32 bit (or we will shortly) version of the PTRACE exploit
into CANVAS Early Updates. I know there are not a lot of 32-bit machines
around who need to be owned, but you never know. We also updated the 64
bit version, so if you already downloaded that, you'll want to update.
Also, we released a new CANVAS, and the best new exploit in it is
the new Adobe Flash Regex exploit.
I know there's some sort of malware
uses this vulnerability but one of the advantages of using CANVAS is
that you get a working version of this exploit that AV's can't catch
(it's hard to build generic detection for this sort of thing). We've
done a ton of QA on it as well, and it does magic info-leaks and various
other tricks to do things properly. I know the team went back and forth
with a few strategies during the process of building it. It's fun to
watch - one of the small pleasures of the job.
Description: OpenPGP digital signature
Dailydave mailing list
Dailydave () lists immunityinc com
- Gifts Dave Aitel (Mar 21)