Dailydave mailing list archives
Walking on Sunshine
From: Dave Aitel <dave () immunityinc com>
Date: Mon, 03 Feb 2014 15:32:04 -0500
Vanessa is playing upbeat happy music in the office all day, which is making me optimistic. So hopefully everyone who gets this email will log in and vote on the two new talks, especially considering JDuck made a little sign in his own handwriting that says "Vote for me!" nicely. http://opencfp.immunityinc.com/cfp/1/ Note that after voting it is customary to email admin () immunityinc com and sign up for INFILTRATE itself. :> Likewise, one thing we noticed when AlexM went back to run the NDProxy.sys exploit is that RAS has to be running for the sandbox escape to work. Which means somewhere the original hackers who used this had a gold build and they KNEW their target was running RAS and XP SP3 which enabled them to optimize for minimum exposure if they got caught. How cool is that? http://vimeo.com/85563832 <http://vimeo.com/85563832><---awesome video go click it now! We didn't point out in the video that CANVAS has postactions, so you could theoretically update the Acrobat exploit (which is weirdly reliable) to automatically use NDProxy to break you out to SYSTEM if possible. Demos are more fun when there's some manual effort involved. (Note: We still have a video for you on the Android Ad exploitation effort coming out very....shortly...). -dave
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Walking on Sunshine Dave Aitel (Feb 03)