Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: DLL hijacking with Autorun on a USB drive

From: Mario Vilas <mvilas () gmail com>
Date: Fri, 27 Aug 2010 18:38:48 +0200
On Fri, Aug 27, 2010 at 5:27 PM, matt <matt () attackvector org> wrote:

2) This opens the door for more widespread attacks.  In the case of
PowerPoint, one could simply find a share on a network that contains a large
amount of ppt files and save his/her rogue DLL file in that directory.
 Then, whenever anyone opens one of the files, the attacker gets immediate
access to the victims PC without the victim having any idea.


This is not any different from what worms used to do back in 2000...

http://dpnm.postech.ac.kr/research/04/nsri/papers/010919-Analysis-Nimda.pdf

(See page 4)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: