Open Source and information security mailing list archives
Message-ID: <AANLkTinD=3W5snj7iBE2G4GD1zvtBHoddSLj+yYTA-K5@mail.gmail.com>
Date: Mon, 1 Nov 2010 06:06:00 +0800
From: Jacky Jack <jacksonsmth698@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Fwd: [DEMO] Sample videos about IDS/IPS evasions...

---------- Forwarded message ----------
From: Nelson Brito <nbrito@...ure.org>
Date: Mon, Nov 1, 2010 at 5:40 AM
Subject: RE: [Full-disclosure] [DEMO] Sample videos about IDS/IPS evasions...
To: Jacky Jack <jacksonsmth698@...il.com>

http://vimeo.com/16371447

Use this instead!!!

> -----Original Message-----
> From: Jacky Jack [mailto:jacksonsmth698@...il.com]
> Sent: Sunday, October 31, 2010 5:43 PM
> To: Nelson Brito
> Subject: Re: [Full-disclosure] [DEMO] Sample videos about IDS/IPS evasions...
>
> This video has been removed as a violation of YouTube's policy against
> spam, scams, and commercially deceptive content.
>
> On Sat, Oct 30, 2010 at 4:47 AM, Nelson Brito <nbrito@...ure.org> wrote:
> > Hi, everyone!
> >
> > As so many highlights have been given on Intrusion Detection System and
> > Intrusion Prevention System evasions (?) last week, I decided to send this
> > message just to let you all know that I published a brand-new sample video,
> > demonstrating two Exploit Next Generation® example modules, successfully
> > evading:
> >
> > · SNORT 2.8.6 detection for MS02-056 vulnerability.
> >
> > · SURICATA 0.9.0 detection for MS08-078 vulnerability.
> >
> > Here is the YouTube video:
> >
> > · http://www.youtube.com/watch?v=iHgtf4PXqeU
> >
> > PS: So, Intrusion Detection System and Intrusion Prevention System evasions
> > are not that BIG NEWS, at least not for the H2HC Sixth Edition's audience.
> >
> > Before someone asks what the similarities and/or differences between Exploit
> > Next Generation® (ENG++) and Advanced Evasion Techniques (AET) are, let me get
> > this clear:
> >
> > · ENG++ has a different approach and has no similarity to AET,
> > despite the fact that both of them can be used to bypass IDS and IPS
> > technology. Besides, ENG++ is much older research.
> >
> > · ENG++ was first designed in 2004, coded in 2005, published in 2008
> > (“Exploit creation - The random approach” or “Playing with random to build
> > exploits”), and became a methodology in 2009 (“The Departed: Exploit Next
> > Generation – The Philosophy”).
> >
> > · ENG++ became a methodology when I decided to port it to work
> > with/to any open exploit development framework, i.e., Metasploit Framework.
> >
> > · Ported means that ENG++ has been developed for a long, long, long
> > time, so just some modules are working on Metasploit Framework to release
> > some of its examples and to help people understand that really cool stuff
> > can be done when you are innovating and creating.
> >
> > In a few words: Exploit Next Generation® Compliance Methodology is not the
> > same thing as Advanced Evasion Techniques (ENG++ != AET).
> >
> > For further information, please, visit the URL:
> >
> > · http://j.mp/ExploitNG
> >
> > For online information and news about Exploit Next Generation® Compliance
> > Methodology, please, follow @Exploit_NG on Twitter.
> >
> > Cheers.
> >
> > Nelson Brito
> >
> > Security Researcher
> >
> > http://fnstenv.blogspot.com/
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/