
Dailydave mailing list archives
Exploits are chameleons
From: dave aitel <dave () immunityinc com>
Date: Mon, 23 Jan 2017 15:54:53 -0500
To mathematicians, exploits are proofs to theorems. To foreign policy people who specialize in export control, they are "dual-use items", and to people in information security they are simply ground truths of our shifting domains. To state it more simply: Vendor advisories lie to you. Or they present "alternative truths", sometimes on purpose, sometimes not. Exploits are your only way to dispel this action in a definitive way.

We spend a lot of time (usually about a month) on each CANVAS exploit pushing it as far as we can, in order to make it "clicky clicky" as we say internally. Some exploits (badtunnel for example) can never really be made reliable in the field. Others, like the apport exploit released this week, go beyond the public POC in a way that makes it possible to easily use for penetration tests against organizations that use Linux as their workstation/desktop OS.

Also this month, we released a version of MS15-076 <https://technet.microsoft.com/en-us/library/security/ms15-076.aspx>, which, while old, is useful as a way to understand how to exploit that kind of bug primitive in the wild. What's possible and what's probable are completely different things, but it's good to get at least some data you can trust on that sort of thing.

-dave