Dailydave mailing list archives
Oracle Rootkits
From: Dave Aitel <dave () immunityinc com>
Date: Tue, 09 Jan 2007 12:09:13 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 One of the things we've tried to do, and I think been fairly successful at, is build an ecosystem around CANVAS where we can get independent vendors to develop their own technology on top of the CANVAS base project. For the vendor there are a number of benefits. 1. We accept credit cards and are a US company (soon to be 8(a) I hope!). We have a customer list we can market their things to easily. 2. MOSDEF means vendors don't have to spend their whole lives writing shellcode. Built in Oracle/MSSQL/mySQL/SSL/etc libraries don't hurt. Having remote os and language pack detection done for you is nice. 3. CANVAS's automation means that if a vendor has a module to fix some new vulnerability, it can be used against a class B as part of massattack or VulnAssess without any additional configuration by the customer. A few years back everyone was like "I want to write exploits for a living". And now you can. Anyways, I bring this up because I notice Argeniss is now selling a really cool Oracle Rootkit now as part of their toolkit. How awesome is that? - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFFo8wtB8JNm+PA+iURAu/xAJsEz8wfDFNqIg96BP9SDQpgPtQ9FgCgl5Wm FTFytU44eSH5v0As5EPv66Y= =MhPq -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Oracle Rootkits Dave Aitel (Jan 09)