Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

We're sneaky at Immunity

From: Alex McGeorge <alexm () immunityinc com>
Date: Fri, 08 Jul 2011 10:54:33 -0400
List,

We released the latest version of CANVAS recently and a few of the
features are cool and downright sneaky. We've modified our exploit for
MS11-003 to handle our new callback method, the DNS callback. It looks
and behaves enough like legit DNS traffic (only there's a lot more of
it) to fool Wireshark [1]. The other neat feature is our Thunderbird
backdoor which Esteban debuted at Infiltrate 2011. Using an email client
as C&C has been done, but using steganography is a super cool extension
of that idea [2].

As always sales inquiries can be handled by sales () immunityinc com

-AlexM

[1] http://partners.immunityinc.com/movies/demo-ms11-003.mov
[2] http://partners.immunityinc.com/movies/demo-thunderbird-execute.mov

-- 
Alex McGeorge
Immunity Inc.
1130 Washington Avenue 8th Floor
Miami Beach, Florida 33139
P: 786.220.0600

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: