Dailydave mailing list archives
Re: Bouncing with PHP
From: Jeremy Kelley <jeremy () austin ibm com>
Date: Mon, 19 May 2008 16:08:41 -0500
Quoting Dave Aitel (dave () immunityinc com): [snipped]
1. Lots of things have PHP so you know you always have the ability to install a callback trojan on them you can bounce through even if you can't execute real binaries. 2. All of the PHP Include and PHP Eval() bugs can now be used to directly bounce other attacks through, without ever loading code on the target system. This makes forensics harder and is convenient to boot! Hurrah!
I think we're going to see a lot more of this for a couple of reasons. 1) the interp'd languages are so mature now. I want to upload/download something to/from your box and http does that quite well and will pass through firewalls. I don't have ot reinvent the wheel each time. Python's motto is "batteries included" referring to the libraries that are included. Ever looked at just what's enabled in a default install of PHP on the big linux distros? Everything. 2) Seems that php/python/ruby is what most people really are comfortable using now. Schools are even starting to teach php and python as secondary languages for projects, etc so the userbase just builds on itself.
As a side note, for those of you with iTunes you can now download Flight of The Conchords, which is about two kiwi musicians and is quite funny.
Youtube has a bunch also, which works on linux. :) -j -- Jeremy Kelley <jeremy () austin ibm com> Sr. Threat Analyst gpg 1024D/E0DF8B2D 4BC3 B8B5 5B42 CC8E B6A9 2E85 32D3 C51C E0DF 8B2D That's the problem with science. You've got a bunch of empiricists trying to describe things of unimaginable wonder. -Bill Watterson _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Bouncing with PHP Dave Aitel (May 19)
- Re: Bouncing with PHP Jeremy Kelley (May 19)
- Message not available
- Re: Bouncing with PHP Jeremy Kelley (May 20)
- Message not available
- Re: Bouncing with PHP Jeremy Kelley (May 19)