worms

[Dave Aitel <dave () immunitysec com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

So Immunity released our lsass exploit to CANVAS today, as well as a
working ASN.1 exploit (with much credit to Solar Eclipse). One of the
great things about the lsass exploit is that not only is it perfectly
reliable on all service packs, but it can also not kill the service if
it doesn't want to! One of the key things I tried to do when designing
CANVAS early on was make it a good platform for rapid exploit creation
- - I think our time of 8 hours wasn't bad for that kind of quality. :>

Of course, no doubt some losers will write the world's dumbest worm
for it though. I wish they'd at least get creative - or fix their hard
drive destruction routines. Maybe they could add it with a spammer
tool that sends out the hard drive first or something. The coolest
worm would probably just send out every spreadsheet and word document,
and then dissapear, and you'd never know you even got hacked. See, now
that's a worm that makes a difference. Destruction isn't bothering
people. Loss of proprietary information and uncertanty makes CEO's
quiver in fear.

Anyways, have good night everyone! Hopefully you put off your patching
till Friday, right? :>

- -dave

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFAfePnzOrqAtg8JS8RAtdCAJ9vajC/XDx+IbiGbWnO4m5kF7Bz9gCgnVnb
H2tT4zQrqyg0RwJX/58oQFk=
=0TjD
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave