Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Reverse Engineering WMF Exploit Code

Reverse Engineering WMF Exploit Code

From: Gadi Evron <ge_at_linuxbox.org>
Date: Tue, 17 Jan 2006 20:47:48 +0200

Websense has done a lot of work on WMF since first alerting about it
publically (yep, that was them), and in fact, along with many others,
helped with alerting us to many malicious sites hosting bad WMF files so
that they can be taken down.

Their latest blog entry is:
Reverse Engineering WMF Exploit Code

Quote ----->>
Jan 17 2006 10:33AM
As we have reported, there are still thousands of websites hosting WMF
exploit code.Since we have been analyzing several of these, we thought
we would share some stepsin researching the behavior of the what the
exploit code is doing.

This video displays malicious WMF Files debugging. It shows how you can
easily locate and debug the embedded shell code of WMF files, to find
out what it was supposed to do.
-----

URL is: http://www.websensesecuritylabs.com/blog/

Direct URL to the Flash video:
http://www.websensesecuritylabs.com/images/alerts/wmf.html

        Gadi.
Received on Jan 17 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos