I played with kit this morning = very nice. Modules seem easy to build for it too.
New ideas to exploit DNS
I dont know if its correct section to post it here, excuse if not.
A guy called evilgrade has made a tool which can launch exploits againt DNS:
Video
ISR-evilgrade v1.0.0
Francisco Amato of Infobyte Security Research just announced ISR-evilgrade v1.0.0, a toolkit for exploiting products which perform online updates in an insecure fashion. This tool works in conjunction with man-in-the-middle techniques (DNS, ARP, DHCP, etc) to exploit a wide variety applications. The demonstration video uses the CAU/Metasploit DNS exploit in conjunction with the Sun Java update mechanism to execute code on a fully patched Windows machine. For more information, see the README and slide deck. The first release includes exploits for Sun Java, Winzip, Winamp, Mac OS X, OpenOffice, iTunes, Linkedin Toolbar, DAP, Notepad++, and Speedbit
R3g@rd$
I played with kit this morning = very nice. Modules seem easy to build for it too.
dd if=/dev/swc666 of=/dev/wyze
Hmm... Seems like something worth checking out, thanks for posting the link akenateb.
-Monkeys are like nature's humans.
Very interesting find. Clearly shows the fact that computer security is only as strong as its weakest link
Posting Permissions