Re: Java Injector Proof of concept (POC)



From: "Jheto Xekri" <jheto2002@xxxxxxxxx>

This version is configured to inject a dropper to download an image
from our server, this version is concept model, the image below which
will be downloaded to your machine, this injector has been tested with
browsers: FireFox, Chrome, Safari, Opera and works 100%, this injector
only works if you browser have java enabled and is windows bassed.




Hardly anything new. Java Downloader trojans have used different methods for quite a
while so as for a Proof of Concept, you are late, it was already proven.
Example: JAVA/Jankem.D

Another example is utilizing the vulnerability/exploitation vector.


--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp


.