|
|
 |
| New User, Welcome! Login |
Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations
| From: |
"[ISR] - Infobyte Security Research" <noreply infobyte com ar> |
| To: |
bugtraq securityfocus com |
| Cc: |
|
| Subject: |
Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations |
| Date: |
Mon - Jul 28, 2008 03:09 AM |
-- ISR - Infobyte Security Research
-- | ISR-evilgrade | www.infobyte.com.ar |
ISR-evilgrade: is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates.
* How does it work?
It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems.
Evilgrade needs the manipulation of the victim dns traffic.
Attack vectors:
---------------------
Internal scenary: (Internal DNS access,ARP spoofing,DNS Cache Poisoning, DHCP spoofing)
External scenary: (Internal DNS access,DNS Cache Poisoning)
* What are the supported OS?
The framework is multiplaform, it only depends of having the right payload for the target platform to be exploited.
Implemented modules:
---------------------------------
- Java plugin
- Winzip
- Winamp
- MacOS
- OpenOffices
- iTunes
- Linkedin Toolbar
- DAP [Download Accelerator]
- notepad++
- speedbit
..:: DEMO
Demo feature - (Java plugin + Dan Kaminsky´s Dns vulnerability) = remote pwned.
http://www.infobyte.com.ar/demo/evilgrade.htm
..:: AUTHOR
Francisco Amato
famato+at+infobyte+dot+com+dot+ar
..:: DOWNLOAD
http://www.infobyte.com.ar/developments.html
..:: MORE INFORMATION
Presentation:
http://www.infobyte.com.ar/down/Francisco-Amato-evilgrade-ENG.html
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
