| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 28 Jul 2008 07:21:09 -0300 From: "[ISR] - Infobyte Security Research" <noreply@...obyte.com.ar> To: bugtraq@...urityfocus.com Subject: Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations -- ISR - Infobyte Security Research -- | ISR-evilgrade | www.infobyte.com.ar | ISR-evilgrade: is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates. * How does it work? It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of the victim dns traffic. Attack vectors: --------------------- Internal scenary: (Internal DNS access,ARP spoofing,DNS Cache Poisoning, DHCP spoofing) External scenary: (Internal DNS access,DNS Cache Poisoning) * What are the supported OS? The framework is multiplaform, it only depends of having the right payload for the target platform to be exploited. Implemented modules: --------------------------------- - Java plugin - Winzip - Winamp - MacOS - OpenOffices - iTunes - Linkedin Toolbar - DAP [Download Accelerator] - notepad++ - speedbit ..:: DEMO Demo feature - (Java plugin + Dan Kaminsky´s Dns vulnerability) = remote pwned. http://www.infobyte.com.ar/demo/evilgrade.htm ..:: AUTHOR Francisco Amato famato+at+infobyte+dot+com+dot+ar ..:: DOWNLOAD http://www.infobyte.com.ar/developments.html ..:: MORE INFORMATION Presentation: http://www.infobyte.com.ar/down/Francisco-Amato-evilgrade-ENG.html
Powered by blists - more mailing lists