Dailydave mailing list archives

Exploit pack verticals


From: Dave Aitel <dave () immunityinc com>
Date: Fri, 18 Jan 2008 16:42:08 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Yesterday I was helping scope out a consulting assessment of some
Citrix Presentation boxes. Today I noticed that ZDI released a remote
Citrix vulnerability. This is the sort of thing where if you don't
have the software already, it's going to be a pain to get it, set it
up, configure it, and test it in time for your engagements.
Essentially, the people best in place to write exploit packs that
matter to a particular vertical ("Large enterprises" in this case) are
embedded as partners with a large enterprise and have that perspective
already. This is rarely true for most technical research
organizations. I can see a time when there are exploit packs available
that target "hospital software" (osdetect should find the MRI,
right?), "School software" (Blackboard, etc), "Grocery Store" software
(lots of SCO), etc.

So if you haven't looked into the DSquare exploit pack, and you do any
penetration testing at all, I highly recommend you do. Most of the
exploits are in enterprise software, such as Citrix, HP Mercury
Loadrunner, or IBM Tivoli, that you wouldn't be scanning for normally,
but when you happen to run into it, you'll want an exploit ready to
go. I personally enjoy having a 100% reliable Lotus Notes exploit at
my fingertips when attacking random large organizations that run Lotus
Notes, but maybe that's just me. :>

More information is here:
http://www.d2sec.com/products.htm

- -dave
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHkR0vB8JNm+PA+iURAhfQAKDCAKBjw5s1JlvOC5qDQs0bRr826gCfUU3M
/QKrEVcFuB4YBEzzxvmwLq4=
=mUka
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

