Re: [Full-disclosure] Flash that simulates virus scan
- From: "Dude VanWinkle" <dudevanwinkle@xxxxxxxxx>
- Date: Wed, 31 Oct 2007 19:34:50 -0400
On 10/31/07, Joshua Tagnore <joshua.tagnore@xxxxxxxxx> wrote:
List,
Some time ago I remember that someone posted a PoC of a small site that
had a really nice looking flash animation that "performed a virus scan" and
after the "virus scan" was finished, the user was prompted for a "Download
virus fix?" question. After that, of course, a file is sent to the user and
he got infected with some malware. Right now I'm performing a penetration
test, and I would like to target some of the users of the corporate LAN, so
I think this approach is the best in order to penetrate to the LAN.
I searched google but failed to find the URL, could someone send it to
me ? Thanks!
You can always use the 'ol drop-a-usb-flash-drive-in-the-parking-lot
trick. I find it helps if you label it "2006 salary report" or
"Classified- 2008 Layoffs". This usually does the trick if autorun is
enabled on workstations. If you can find a way to create cdfs
formatted pen drives, lemme know.
Don't forget to chop your keylogger in half with hex editors till you
find the signature and then edit it so they no longer detect you.
-JP
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: [Full-disclosure] ZDI-07-064: Novell Client Trust Heap Overflow Vulnerability
- Next by Date: Re: [Full-disclosure] spammer wades into US Presidential race
- Previous by thread: [Full-disclosure] ZDI-07-064: Novell Client Trust Heap Overflow Vulnerability
- Next by thread: Re: [Full-disclosure] Flash that simulates virus scan
- Index(es):
Relevant Pages
|
|
