Results 1 to 4 of 4

Thread: New ideas to exploit DNS

  1. #1
    Just burned his ISO akenateb's Avatar
    Join Date
    Mar 2010
    Posts
    19

    Arrow New ideas to exploit DNS

    I dont know if its correct section to post it here, excuse if not.

    A guy called evilgrade has made a tool which can launch exploits againt DNS:

    Video

    ISR-evilgrade v1.0.0

    Francisco Amato of Infobyte Security Research just announced ISR-evilgrade v1.0.0, a toolkit for exploiting products which perform online updates in an insecure fashion. This tool works in conjunction with man-in-the-middle techniques (DNS, ARP, DHCP, etc) to exploit a wide variety applications. The demonstration video uses the CAU/Metasploit DNS exploit in conjunction with the Sun Java update mechanism to execute code on a fully patched Windows machine. For more information, see the README and slide deck. The first release includes exploits for Sun Java, Winzip, Winamp, Mac OS X, OpenOffice, iTunes, Linkedin Toolbar, DAP, Notepad++, and Speedbit

    R3g@rd$

  2. #2
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    I played with kit this morning = very nice. Modules seem easy to build for it too.
    dd if=/dev/swc666 of=/dev/wyze

  3. #3
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Hmm... Seems like something worth checking out, thanks for posting the link akenateb.
    -Monkeys are like nature's humans.

  4. #4
    Senior Member Shatter's Avatar
    Join Date
    Jan 2010
    Posts
    192

    Default

    Very interesting find. Clearly shows the fact that computer security is only as strong as its weakest link

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •