|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Possible prod to people to upgrade DNS
Hi, The demo takes a while to load, goes fast, but shows how the exploit for DNS can potentially be used to get into a persons machine w/o them even being involved. Tuc/TBOH Forwarded message: > > -- ISR - Infobyte Security Research > -- | ISR-evilgrade | www.infobyte.com.ar | > > ISR-evilgrade: is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates. > > * How does it work? > > It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. > Evilgrade needs the manipulation of the victim dns traffic. > > Attack vectors: > --------------------- > > Internal scenary: (Internal DNS access,ARP spoofing,DNS Cache Poisoning, DHCP spoofing) > External scenary: (Internal DNS access,DNS Cache Poisoning) > > * What are the supported OS? > > The framework is multiplaform, it only depends of having the right payload for the target platform to be exploited. > > Implemented modules: > --------------------------------- > - Java plugin > - Winzip > - Winamp > - MacOS > - OpenOffices > - iTunes > - Linkedin Toolbar > - DAP [Download Accelerator] > - notepad++ > - speedbit > > ..:: DEMO > > Demo feature - (Java plugin + Dan Kaminsky�s Dns vulnerability) = remote pwned. > http://www.infobyte.com.ar/demo/evilgrade.htm > > ..:: AUTHOR > > Francisco Amato > famato+at+infobyte+dot+com+dot+ar > > ..:: DOWNLOAD > > http://www.infobyte.com.ar/developments.html > > > ..:: MORE INFORMATION > > Presentation: > http://www.infobyte.com.ar/down/Francisco-Amato-evilgrade-ENG.html > >
|