RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior
From: ashton (ashton_at_joltmedia.com)
Date: 12/19/03
- Previous message: Sharad Ahlawat: "Re: Multiple vulnerabilites in vendor IKE implementations, including Cisco,"
- In reply to: Max: "RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior"
- Next in thread: Aaron_Yemm_at_NAI.com: "RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Max'" <max@maxandcarrie.com>, "'Pavel Kankovsky'" <peak@argo.troja.mff.cuni.cz> Date: Thu, 18 Dec 2003 22:53:05 -0500
I do not know that emule can use plugins at this time.
-ashton
-----Original Message-----
From: Max [mailto:max@maxandcarrie.com]
Sent: Thursday, December 18, 2003 3:32 PM
To: ashton; 'Pavel Kankovsky'
Cc: bugtraq@securityfocus.com
Subject: RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior
Does this same plugin system also apply to emule?
On Thu, 18 Dec 2003 07:03:17 -0500, ashton wrote
> 1. giFT is unix - until noted otherwise, so goodluck. 2. Windows
> Media is not P2P with a built in search of 1.2 million people for
> the "uber upload limit crack plugin" in which when loaded is an
> actual virus, it's very hard for joe average to get a harmful WMP
> plugin but with this method in Overnet it's too easy, plus they
> could propogate themselves through Overnet vulnerabilities on top.
>
> -----Original Message-----
> From: Pavel Kankovsky [mailto:peak@argo.troja.mff.cuni.cz]
> Sent: Wednesday, December 17, 2003 6:43 PM
> To: Julian Ashton
> Cc: bugtraq@securityfocus.com
> Subject: Re: Edonkey/Overnet Plugins capable of Virus/Worm behavior
>
> On 17 Dec 2003, Julian Ashton wrote:
>
> > Good question, I have been working on plugin systems suchs as giFT and
> > Windows Media for quite a while and while they can do some neat
> > things, this kind of behavoir cannot happen because of the way they
> > were architechted. When I think of "plugins" I think of 1. An sdk. 2.
> > Methods that you create that the "client" listens for. 3. All code in
> > the plugin is sent to the "client" not the OS level. 4. Mainly COM
> > (this plugin uses full use of C++/MFC in a DLL)
>
> Excuse me...how do giFT or Windows Media prevent their plugins from
> accessing the OS interface directly and doing whatever they (the
> plugins) want to do? Do they run the plugins in a virtual machine?
>
> --Pavel Kankovsky aka Peak [ Boycott Microsoft--
> http://www.vcnet.com/bms ] "Resistance is futile. Open your source
> code and prepare for assimilation."
-- Open WebMail Project (http://openwebmail.org)
- Previous message: Sharad Ahlawat: "Re: Multiple vulnerabilites in vendor IKE implementations, including Cisco,"
- In reply to: Max: "RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior"
- Next in thread: Aaron_Yemm_at_NAI.com: "RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
