Dailydave mailing list archives
Exploit pack verticals
From: Dave Aitel <dave () immunityinc com>
Date: Fri, 18 Jan 2008 16:42:08 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yesterday I was helping scope out a consulting assessment of some Citrix Presentation boxes. Today I noticed that ZDI released a remote Citrix vulnerability. This is the sort of thing where if you don't have the software already, it's going to be a pain to get it, set it up, configure it, and test it in time for your engagements. Essentially, the people best in place to write exploit packs that matter to a particular vertical ("Large enterprises" in this case) are embedded as partners with a large enterprise and have that perspective already. This is rarely true for most technical research organizations. I can see a time when there are exploit packs available that target "hospital software" (osdetect should find the MRI, right?), "School software" (Blackboard, etc), "Grocery Store" software (lots of SCO), etc. So if you haven't looked into the DSquare exploit pack, and you do any penetration testing at all, I highly recommend you do. Most of the exploits are in enterprise software, such as Citrix, HP Mercury Loadrunner, or IBM Tivoli, that you wouldn't be scanning for normally, but when you happen to run into it, you'll want an exploit ready to go. I personally enjoy having a 100% reliable Lotus Notes exploit at my fingertips when attacking random large organizations that run Lotus Notes, but maybe that's just me. :> More information is here: http://www.d2sec.com/products.htm - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHkR0vB8JNm+PA+iURAhfQAKDCAKBjw5s1JlvOC5qDQs0bRr826gCfUU3M /QKrEVcFuB4YBEzzxvmwLq4= =mUka -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Exploit pack verticals Dave Aitel (Jan 18)