Vulnerability Development: Re: Vulnerability Disclosure

Re: Vulnerability Disclosure

From: Lincoln Yeoh <lyeoh_at_pop.jaring.my>
Date: Sun, 17 Jun 2007 03:36:14 +0800

At 01:10 AM 6/9/2007, Valdis.Kletnieks_at_vt.edu wrote:

>The *real* attack vector here is "Can you, as an outsider, get the sysadmin
>to run an installer script that *looks* OK at first glance, but ends up
>doing something untoward by abusing the setup.exe that the sysadmin sees
>in the script but doesn't actually look closely at"?

Sure.

Install notes:

perl Makefile.PL
make
make test
make install

If you look at the Windows malware - a lot of attackers don't even
care about getting "admin", just normal user privileges are good
enough to do what they want (zombies to send spam, DoS, etc).

cron jobs + LWP + Google + eval = fun, right?

Could always look in ~/Maildir etc for "Spam" to eval too.

Have a nice day ;).

Link.
Received on Jun 18 2007
