Full Disclosure mailing list archives
Re: Flash that simulates virus scan
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Wed, 31 Oct 2007 19:34:50 -0400
On 10/31/07, Joshua Tagnore <joshua.tagnore () gmail com> wrote:
List, Some time ago I remember that someone posted a PoC of a small site that had a really nice looking flash animation that "performed a virus scan" and after the "virus scan" was finished, the user was prompted for a "Download virus fix?" question. After that, of course, a file is sent to the user and he got infected with some malware. Right now I'm performing a penetration test, and I would like to target some of the users of the corporate LAN, so I think this approach is the best in order to penetrate to the LAN. I searched google but failed to find the URL, could someone send it to me ? Thanks!
You can always use the 'ol drop-a-usb-flash-drive-in-the-parking-lot trick. I find it helps if you label it "2006 salary report" or "Classified- 2008 Layoffs". This usually does the trick if autorun is enabled on workstations. If you can find a way to create cdfs formatted pen drives, lemme know. Don't forget to chop your keylogger in half with hex editors till you find the signature and then edit it so they no longer detect you. -JP _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Flash that simulates virus scan Joshua Tagnore (Oct 31)
- Re: Flash that simulates virus scan reepex (Oct 31)
- Re: Flash that simulates virus scan Valdis . Kletnieks (Oct 31)
- Re: Flash that simulates virus scan Michael Neal Vasquez (Oct 31)
- Re: Flash that simulates virus scan jf (Oct 31)
- Re: Flash that simulates virus scan reepex (Oct 31)
- Re: Flash that simulates virus scan scott (Oct 31)
- Re: Flash that simulates virus scan Valdis . Kletnieks (Oct 31)
- Re: Flash that simulates virus scan reepex (Oct 31)
- Re: Flash that simulates virus scan Dude VanWinkle (Oct 31)
- Re: Flash that simulates virus scan Nick FitzGerald (Oct 31)