| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 31 Oct 2007 19:34:50 -0400 From: "Dude VanWinkle" <dudevanwinkle@...il.com> To: "Joshua Tagnore" <joshua.tagnore@...il.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Flash that simulates virus scan On 10/31/07, Joshua Tagnore <joshua.tagnore@...il.com> wrote: > List, > > Some time ago I remember that someone posted a PoC of a small site that > had a really nice looking flash animation that "performed a virus scan" and > after the "virus scan" was finished, the user was prompted for a "Download > virus fix?" question. After that, of course, a file is sent to the user and > he got infected with some malware. Right now I'm performing a penetration > test, and I would like to target some of the users of the corporate LAN, so > I think this approach is the best in order to penetrate to the LAN. > > I searched google but failed to find the URL, could someone send it to > me ? Thanks! You can always use the 'ol drop-a-usb-flash-drive-in-the-parking-lot trick. I find it helps if you label it "2006 salary report" or "Classified- 2008 Layoffs". This usually does the trick if autorun is enabled on workstations. If you can find a way to create cdfs formatted pen drives, lemme know. Don't forget to chop your keylogger in half with hex editors till you find the signature and then edit it so they no longer detect you. -JP _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists