| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <43CD3BC1.3090502@linuxbox.org> Date: Tue, 17 Jan 2006 20:47:29 +0200 From: Gadi Evron <ge@...uxbox.org> To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>, bugtraq@...urityfocus.com Subject: Reverse Engineering WMF Exploit Code Websense has done a lot of work on WMF since first alerting about it publically (yep, that was them), and in fact, along with many others, helped with alerting us to many malicious sites hosting bad WMF files so that they can be taken down. Their latest blog entry is: Reverse Engineering WMF Exploit Code Quote ----->> Jan 17 2006 10:33AM As we have reported, there are still thousands of websites hosting WMF exploit code.Since we have been analyzing several of these, we thought we would share some stepsin researching the behavior of the what the exploit code is doing. This video displays malicious WMF Files debugging. It shows how you can easily locate and debug the embedded shell code of WMF files, to find out what it was supposed to do. ----- URL is: http://www.websensesecuritylabs.com/blog/ Direct URL to the Flash video: http://www.websensesecuritylabs.com/images/alerts/wmf.html Gadi. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists