Home page logo

dailydave logo Dailydave mailing list archives

Walking on Sunshine
From: Dave Aitel <dave () immunityinc com>
Date: Mon, 03 Feb 2014 15:32:04 -0500

Vanessa is playing upbeat happy music in the office all day, which is
making me optimistic. So hopefully everyone who gets this email will log
in and vote on the two new talks, especially considering JDuck made a
little sign in his own handwriting that says "Vote for me!" nicely.

Note that after voting it is customary to email admin () immunityinc com
and sign up for INFILTRATE itself. :>

Likewise, one thing we noticed when AlexM went back to run the
NDProxy.sys exploit is that RAS has to be running for the sandbox escape
to work. Which means somewhere the original hackers who used this had a
gold build and they KNEW their target was running RAS and XP SP3 which
enabled them to optimize for minimum exposure if they got caught. How
cool is that?

http://vimeo.com/85563832  <http://vimeo.com/85563832><---awesome video
go click it now!

We didn't point out in the video that CANVAS has postactions, so you
could theoretically update the Acrobat exploit (which is weirdly
reliable) to automatically use NDProxy to break you out to SYSTEM if
possible. Demos are more fun when there's some manual effort involved.

(Note: We still have a video for you on the Android Ad exploitation
effort coming out very....shortly...).


Attachment: signature.asc
Description: OpenPGP digital signature

Dailydave mailing list
Dailydave () lists immunityinc com

  By Date           By Thread  

Current thread:
  • Walking on Sunshine Dave Aitel (Feb 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]