lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <43CD3BC1.3090502@linuxbox.org>
Date: Tue Jan 17 18:49:18 2006
From: ge at linuxbox.org (Gadi Evron)
Subject: Reverse Engineering WMF Exploit Code

Websense has done a lot of work on WMF since first alerting about it 
publically (yep, that was them), and in fact, along with many others, 
helped with alerting us to many malicious sites hosting bad WMF files so 
that they can be taken down.

Their latest blog entry is:
Reverse Engineering WMF Exploit Code

Quote ----->>
Jan 17 2006 10:33AM
As we have reported, there are still thousands of websites hosting WMF 
exploit code.Since we have been analyzing several of these, we thought 
we would share some stepsin researching the behavior of the what the 
exploit code is doing.

This video displays malicious WMF Files debugging. It shows how you can 
easily locate and debug the embedded shell code of WMF files, to find 
out what it was supposed to do.
-----

URL is: http://www.websensesecuritylabs.com/blog/

Direct URL to the Flash video: 
http://www.websensesecuritylabs.com/images/alerts/wmf.html

	Gadi.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ