lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4159B507.9020606@sdf.lonestar.org>
From: bkfsec at sdf.lonestar.org (Barry Fitzgerald)
Subject: Re: Full-Disclosure digest, Vol 1 #1933 - 20

Geo. wrote:

>>>far-fetched.  Would it be possible to create a jpeg that would copy
>>>      
>>>
>itself to other drives on a shared network in an auto-executable
>position?  I suppose so... however, it would be noisy and probably
>wouldn't be amazingly successful.<<
>
>Picture a company full of users and a worm that copys the jpg file to
>\\machinename\c$\Documents and Settings\All Users\Desktop
>
>you think it might get a few clicks, especially if it had a harmeless yet
>tempting name like saturn.jpg
>
>Geo.
>
>  
>
I could think of even worse places to put it. 

Of course, some companies would fall victim to this, but in an even 
remotely secured network domain, you'd probably have to compromise a 
domain admin's system and try to spread on shares via that login.

          -Barry

p.s.  By making the inherent assumption here that admins would be less 
likely to get infected with this than average users and that the average 
network is even remotely secured, I'm probably (definately?) giving 
corporate networks more slack than they deserve.   Referring to this 
attack vector as "wouldn't be amazingly successful" is probably wildly 
optimistic on my part.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ