Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] Flash that simulates virus scan

from [Dude VanWinkle] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] Flash that simulates virus scan
Date: Wed, 31 Oct 2007 19:34:50 -0400 
On 10/31/07, Joshua Tagnore <joshua.tagnore@gmail.com> wrote:

List,

    Some time ago I remember that someone posted a PoC of a small site that
had a really nice looking flash animation that "performed a virus scan" and
after the "virus scan" was finished, the user was prompted for a "Download
virus fix?" question. After that, of course, a file is sent to the user and
he got infected with some malware. Right now I'm performing a penetration
test, and I would like to target some of the users of the corporate LAN, so
I think this approach is the best in order to penetrate to the LAN.

    I searched google but failed to find the URL, could someone send it to
me ? Thanks!


You can always use the 'ol drop-a-usb-flash-drive-in-the-parking-lot
trick. I find it helps if you label it "2006 salary report" or
"Classified- 2008 Layoffs". This usually does the trick if autorun is
enabled on workstations. If you can find a way to create cdfs
formatted pen drives, lemme know.

Don't forget to chop your keylogger in half with hex editors till you
find the signature and then edit it so they no longer detect you.

-JP

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] ZDI-07-064: Novell Client Trust Heap Overflow Vulnerability, zdi-disclosures
Next by Date:  Re: [Full-disclosure] spammer wades into US Presidential race, lsi
Previous by Thread:  Re: [Full-disclosure] Flash that simulates virus scan, jf
Next by Thread:  [Full-disclosure] ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities, zdi-disclosures
Indexes:  [Date] [Thread] [Top] [All Lists]