lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: liudieyuinchina at yahoo.com.cn (Liu Die Yu)
Subject: "windows update activex"

if someone got something like that, i can get the
digest of that EXE. and your EXE can pass WinTrust
check.

THEN:
cross-site scripting 
= update windows box with buggy software automatically
= remote system compromise

and all we use is normal "windows update" features.
:-)

great prosperity.

die

 --- Georgi Guninski <guninski@...inski.com> 的正文:>
Liu Die Yu wrote:
> > BUT it's hard for the attacker to execute his EXE.
> > i've traced into the module("IUENGINE.TEXT").
> > 
> 
> Has someone tried downgrading windoze by installing
> old signed stuff (probably a
> very old m$ patch as exe will do, or just some old
> signed installer from m$)?
> After downgrading, old bugs start working.
> 
> georgi
> 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
http://lists.netsys.com/full-disclosure-charter.html 

_________________________________________________________
Do You Yahoo!? 
国内电邮用户反垃圾调查拉开帷幕
http://cn.rd.yahoo.com/mail_cn/tag/?http://cn.tech.yahoo.com/zhuanti/laji/index.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ