[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <4DD51420.8070004@gmail.com>
Date: Thu, 19 May 2011 20:59:12 +0800
From: DFlower <dflower.zs@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: MalBox Release! A Program Behavior Analysis
System!
Hi, everyone
We've published a whitepaper on Malbox's site, which will introduce
Malbox's architecture and workflow. You can download it from
http://malbox.xjtu.edu.cn.
> On Sat, May 14, 2011 at 10:55:30PM +0100, Chris M wrote:
>> Not convinced.
>>
>> Tried to upload a few samples, "only support EXE files" ---- no DLLs? yet
>> you take URLs? only to exes?
>>
>> The file I upped was a PE file. Just with a renamed extension.
>>
>> Also submitted a couple of "known bad" files and got a list of tcp ports
>> back.... how is this operating? _SHARED_ sandbox?
>>
>> Whats it based on?
>>
>> More information would be appreciated :)
>>
>> -C
> I can still get HTTP 500 errors easily. That service is running vulnerable version of Tomcat and still saying wrong TCP-connections with any scan url/exe-sample. JS checks aren't done in backend.
>
> Best regards,
> Henri Salo
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists