Full Disclosure mailing list archives
Re: Flash that simulates virus scan
From: reepex <reepex () gmail com>
Date: Sun, 9 Dec 2007 14:14:32 -0600
the first email from simon asking about where i work following a succesful troll of some random kiddie.... On Oct 31, 2007 4:37 PM, Simon Smith <simon () snosoft com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reepex, What company are you with? I'm actually interested in finding infosec companies that perform real work as opposed to doing everything automated. Nice to hear that you're a real tester. With respect to your question, doesn't msf3 have some of that functionality already built into it? Have you already hit all their web-apps? reepex wrote:resulting to se in a pen test cuz you cant break any of the actualmachines?lulz On 10/31/07, Joshua Tagnore <joshua.tagnore () gmail com> wrote:List, Some time ago I remember that someone posted a PoC of a small sitethathad a really nice looking flash animation that "performed a virus scan"andafter the "virus scan" was finished, the user was prompted for a"Downloadvirus fix?" question. After that, of course, a file is sent to the userandhe got infected with some malware. Right now I'm performing apenetrationtest, and I would like to target some of the users of the corporateLAN, soI think this approach is the best in order to penetrate to the LAN. I searched google but failed to find the URL, could someone send ittome ? Thanks! Cheers, -- Joshua Tagnore _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/- -- - - simon - ---------------------- http://www.snosoft.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Darwin) iD8DBQFHKQOLf3Elv1PhzXgRAo+EAJwJ0eI/2XkWBxMWalEBNSYkYh+YqQCgh49q XaNATfPu4PAuP8vnVF8/eyw= =yy5T -----END PGP SIGNATURE-----
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Flash that simulates virus scan reepex (Dec 09)
- Re: Flash that simulates virus scan Simon Smith (Dec 09)
- Re: Flash that simulates virus scan reepex (Dec 09)
- Re: Flash that simulates virus scan jf (Dec 09)
- Re: Flash that simulates virus scan Dude VanWinkle (Dec 09)
- Re: Flash that simulates virus scan Simon Smith (Dec 09)
- Re: Flash that simulates virus scan reepex (Dec 09)
- <Possible follow-ups>
- Re: Flash that simulates virus scan reepex (Dec 09)
- Re: Flash that simulates virus scan reepex (Dec 09)
- Re: Flash that simulates virus scan reepex (Dec 09)
- Re: Flash that simulates virus scan Simon Smith (Dec 09)