[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <AANLkTikJnmmBjWBifMN9pY+fx+5JWpx0=JKNQVKdcOpw@mail.gmail.com>
Date: Fri, 29 Oct 2010 22:21:33 +0100
From: Benji <me@...ji.com>
To: Jacky Jack <jacksonsmth698@...il.com>
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Evilgrade 2.0 - the update explotation
framework is back
Actually, that time probably would've been a v1, but I'm fine with it being
left as it is.
On Fri, Oct 29, 2010 at 9:43 PM, Jacky Jack <jacksonsmth698@...il.com>wrote:
> It's now a time for vendors to re-consider their updating scheme.
>
>
>
> On Fri, Oct 29, 2010 at 6:25 PM, [ISR] - Infobyte Security Research
> <noreply@...obytesec.com> wrote:
> >
> > [ISR] - Infobyte Security Research
> > ISR-evilgrade | www.infobytesec.com
> >
> > Infobyte Security Research is pleased to announce the release of
> evilgrade 2.0
> > with a lot of new modules and a bunch of squashed bugs.
> >
> > [-] RELEASE DETAILS
> >
> > BRIEF OVERVIEW
> >
> > Evilgrade is a modular framework that allows the user to take
> > advantage of poor upgrade implementations by injecting fake updates.
> >
> > This framework comes into play when the attacker is able to make
> > traffic redirection, and such thing can be done in several ways
> > such as: DNS tampering, DNS Cache Poisoning, ARP spoofing
> > Wi-Fi Access Point impersonation, DHCP hijacking with your
> > favorite tools.
> >
> > This way you can easy take control of a fully patched machine
> > during a penetration test in a clean and easy way. The main idea
> > behind the is to show the amount of trivial errors in the update
> > process of mainstream applications.
> >
> >
> > .:: [NEW MODULES] ::.
> > There's a new amount of 63 modules to play with! :
> > - Safari
> > - iTunes
> > - Quicktime
> > - APT
> > - Cygwin
> > - Cpan
> > - Java
> > - iTunes
> > - Mirc
> > - Adium
> > - Notepadplus
> > - Opera
> > - Bsplayer
> > - Winamp
> > - Trillian
> > - Teamviewer
> > - Virtualbox
> > - Vmware
> > - Winscp
> > - Winupdate
> > .. and many more (check out the documentation for complete list)
> >
> >
> > ..:: [ONLINE DEMO] ::.
> > Watch the framework in action, Java signed certificate bypass +
> > javapayload = pwnage
> > http://www.infobytesec.com/demo/java_win7.htm
> >
> > .:: [AUTHOR] ::.
> >
> > Francisco Amato
> > famato+at+infobytesec+dot+com
> >
> > .:: [DOWNLOAD] ::.
> > Get the last version over here:
> > http://www.infobytesec.com/developments.html
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists