[Full-disclosure] Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations
- From: "[ISR] - Infobyte Security Research" <noreply@xxxxxxxxxxxxxxx>
- Date: Mon, 28 Jul 2008 07:19:54 -0300
-- ISR - Infobyte Security Research
-- | ISR-evilgrade | www.infobyte.com.ar |
ISR-evilgrade: is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates.
* How does it work?
It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems.
Evilgrade needs the manipulation of the victim dns traffic.
Internal scenary: (Internal DNS access,ARP spoofing,DNS Cache Poisoning, DHCP spoofing)
External scenary: (Internal DNS access,DNS Cache Poisoning)
* What are the supported OS?
The framework is multiplaform, it only depends of having the right payload for the target platform to be exploited.
- Java plugin
- Linkedin Toolbar
- DAP [Download Accelerator]
Demo feature - (Java plugin + Dan Kaminsky´s Dns vulnerability) = remote pwned.
..:: MORE INFORMATION
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: Re: [Full-disclosure] simple phishing fix
- Next by Date: Re: [Full-disclosure] how to request a cve id?
- Previous by thread: [Full-disclosure] [SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities
- Next by thread: [Full-disclosure] Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control Buffer Overflow Vulnerability