lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20030721122026.89789.qmail@web15301.mail.bjs.yahoo.com>
From: liudieyuinchina at yahoo.com.cn (Liu Die Yu)
Subject: "windows update activex"

i haven't tested it yet.

perhaps downgrading will not work - all patches need
to check current version.

i think the weakest point is:
some out-of-date EXE component that is signed by MS
but NOT installed on windows box with default
settings.

and even better:
it doesn't require reboot.

so we don't downgrade windows, we add new functions.
:-)

do you have some EXE like that?
(if so, this kind of attack will SURELY work)

die


 --- Georgi Guninski <guninski@...inski.com> 的正文:>
Liu Die Yu wrote:
> > BUT it's hard for the attacker to execute his EXE.
> > i've traced into the module("IUENGINE.TEXT").
> > 
> 
> Has someone tried downgrading windoze by installing
> old signed stuff (probably a
> very old m$ patch as exe will do, or just some old
> signed installer from m$)?
> After downgrading, old bugs start working.
> 
> georgi
> 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
http://lists.netsys.com/full-disclosure-charter.html 

_________________________________________________________
Do You Yahoo!? 
国内电邮用户反垃圾调查拉开帷幕
http://cn.rd.yahoo.com/mail_cn/tag/?http://cn.tech.yahoo.com/zhuanti/laji/index.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ