[<prev] [next>] [day] [month] [year] [list]
Message-ID: <e9d9d4020712091215i5d3d97ccs9a13912ded807279@mail.gmail.com>
Date: Sun, 9 Dec 2007 14:15:09 -0600
From: reepex <reepex@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Flash that simulates virus scan
my response about a fictional company to keep the game along
On Oct 31, 2007 10:03 PM, reepex <reepex@...il.com> wrote:
> I work at a less known security company that bans use of any automated
> tools unless under extreme circumstances. These include times such as
> when have 1000s of ip addresses all alive and running random windows
> versions so we use mass scans to find any unpatched machines. We
> strictly do not allow 'web scanners' no matter how large the size
> because they are all crap and its quicker to find the bugs yourself
> then verify all the false positives any web app scanner creates.
>
> How does your company handle these things?
>
> On 10/31/07, Simon Smith <simon@...soft.com> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Reepex,
> > What company are you with? I'm actually interested in finding
> infosec
> > companies that perform real work as opposed to doing everything
> > automated. Nice to hear that you're a real tester.
> >
> > With respect to your question, doesn't msf3 have some of that
> > functionality already built into it? Have you already hit all their
> > web-apps?
> >
> > reepex wrote:
> > > resulting to se in a pen test cuz you cant break any of the actual
> machines?
> > >
> > > lulz
> > >
> > > On 10/31/07, Joshua Tagnore <joshua.tagnore@...il.com> wrote:
> > >> List,
> > >>
> > >> Some time ago I remember that someone posted a PoC of a small
> site that
> > >> had a really nice looking flash animation that "performed a virus
> scan" and
> > >> after the "virus scan" was finished, the user was prompted for a
> "Download
> > >> virus fix?" question. After that, of course, a file is sent to the
> user and
> > >> he got infected with some malware. Right now I'm performing a
> penetration
> > >> test, and I would like to target some of the users of the corporate
> LAN, so
> > >> I think this approach is the best in order to penetrate to the LAN.
> > >>
> > >> I searched google but failed to find the URL, could someone send
> it to
> > >> me ? Thanks!
> > >>
> > >> Cheers,
> > >> --
> > >> Joshua Tagnore
> > >> _______________________________________________
> > >> Full-Disclosure - We believe in it.
> > >> Charter:
> > >> http://lists.grok.org.uk/full-disclosure-charter.html
> > >> Hosted and sponsored by Secunia - http://secunia.com/
> > >>
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
> > - --
> >
> > - - simon
> >
> > - ----------------------
> > http://www.snosoft.com
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.5 (Darwin)
> >
> > iD8DBQFHKQOLf3Elv1PhzXgRAo+EAJwJ0eI/2XkWBxMWalEBNSYkYh+YqQCgh49q
> > XaNATfPu4PAuP8vnVF8/eyw=
> > =yy5T
> > -----END PGP SIGNATURE-----
> >
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists