Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MalBox Release! A Program Behavior Analysis System!

From: Henri Salo <henri () nerv fi>
Date: Sun, 15 May 2011 02:43:23 +0300
On Sat, May 14, 2011 at 10:55:30PM +0100, Chris M wrote:

Not convinced.

Tried to upload a few samples, "only support EXE files" ---- no DLLs? yet
you take URLs? only to exes?

The file I upped was a PE file. Just with a renamed extension.

Also submitted a couple of "known bad" files and got a list of tcp ports
back.... how is this operating? _SHARED_ sandbox?

Whats it based on?

More information would be appreciated :)

-C


I can still get HTTP 500 errors easily. That service is running vulnerable version of Tomcat and still saying wrong 
TCP-connections with any scan url/exe-sample. JS checks aren't done in backend.

Best regards,
Henri Salo

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: