Penetration Testing: Re: Frameworks to exploit AV gw and Browser?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

Re: Frameworks to exploit AV gw and Browser?

From: "Richard Miles" <richard.k.miles () googlemail com>
Date: Sat, 3 Jan 2009 14:04:31 -0300

Hi HD.

There is nothing wrong with metasploit and browser_autopwn, it's
really good, I only asked to keep it off the list because I already
knew about it.

Regards and keep the good job.

On Wed, Dec 31, 2008 at 4:54 PM, H D Moore <sflist () digitaloffense net> wrote:

On Wednesday 31 December 2008, Richard Miles wrote:

One of this projects was a framework for client side "browser"
attacks. Where they had implemented a common evil web page which
detects technology the client use (java, flash, etc) and the browser
itself (IE, FF) and try different vectors of exploits which match.

Someone know this project? Or someone related?

off: please no metasploit stuff, since I already know about it.


If you already know about the browser_autopwn module, let us know what it
doesn't do to meet those requirements.

-HD

By Date By Thread

Current thread:

RE: Frameworks to exploit AV gw and Browser? alessandro telami (Jan 03)
- Re: Frameworks to exploit AV gw and Browser? Richard Miles (Jan 03)
- <Possible follow-ups>
- Re: Frameworks to exploit AV gw and Browser? Joshua Gimer (Jan 03)
- Re: Frameworks to exploit AV gw and Browser? H D Moore (Jan 03)
  - Re: Frameworks to exploit AV gw and Browser? Richard Miles (Jan 05)
- Re: Frameworks to exploit AV gw and Browser? Patrick Webster (Jan 06)