lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <506294995ACA2E4597D41287B055917005B05FF1B3@srvexch1>
Date: Tue, 7 Apr 2009 16:34:57 +0300
From: Erez Metula <erezmetula@...ecure.co.il>
To: "erezmetula@...il.com" <erezmetula@...il.com>
Subject: .NET Framework Rootkits

Hello,
Attached are the presentation + whitepaper I'm going to talk about at BlackHat conference next week in Amsterdam, titled ".NET Framework Rootkits - Backdoors inside Your Framework".

The main threats of Framework level rootkits are

 *   Hidden malware
 *   Applications behavioral changes
 *   Insider threats (such as developer backdoors)

Although the focus is on the .NET Framework, it is a general concept that is relevant to other platforms such as Java, PHP,Flash, Dlavik (Google Android) and more.

For more information, such as the ".NET-Sploit" tool used to demonstrate those attacks please visit
http://www.applicationsecurity.co.il/.NET-Framework-Rootkits.aspx

More info on the following Blackhat conference can be found here: https://www.blackhat.com/html/bh-europe-09/bh-eu-09-schedule.html

Regards,
Erez.

________________________________
[cid:image001.jpg@...9B701.845F53E0]
Erez Metula, CISSP
Application Security Department Manager
Security Training Academic Director
Security Software Engineer
E-Mail:  erezmetula@...ecure.co.il<mailto:erezmetula@...ecure.co.il>      Mobile:  972-54-2108830      Office: 972-3-6492007

"Attackers often read through the documentation one page beyond where the developers stopped reading"


Content of type "text/html" skipped

Download attachment "image001.jpg" of type "image/jpeg" (2275 bytes)

Download attachment ".NET Framework rootkits -
	backdoors inside your framework - revised.pdf" of type "application/pdf" (382791 bytes)

Download attachment ".NET Framework Rootkits -
	Backdoors Inside Your Framework (Erez Metula).ppt" of type "application/vnd.ms-powerpoint" (887808 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ