
Thread: Evil grade style exploit, replace the binary data of a file during download...

  1. #1
    Senior Member BigMac's Avatar
    Join Date
    Jan 2008
    Posts
    213

    Default Evil grade style exploit, replace the binary data of a file during download...

    This could be a man-in-the-middle style exploit: if a client on the network is surfing websites looking for executable files to download, this proxy can modify the binary data on the fly...

    It's just a proof of concept... I never finished it because I became overwhelmed with the amount of work needed just to build a stable proxy that can handle all kinds of traffic: FTP, SSH, HTTP, HTTPS, etc...

    Proxy source
    pastebin.com/n7AHi5Ny
    I now understand that I need to build a proxy framework that can handle each protocol, then the exploits will come later, but I need help doing this...

    My life is busy and this is just a hobby and I LOVE RUBY ,-)
    If you like YouTube...
    https://vimeo.com/51230425
    Last edited by g0tmi1k; 11-27-2012 at 05:43 AM. Reason: Removed YOUTUBE video

  2. #2
    Junior Member M00kaw's Avatar
    Join Date
    Oct 2010
    Location
    127.0.0.1
    Posts
    47

    Default Re: Evil grade style exploit, replace the binary data of a file during download...

    It is really, really a nice POC!
    I would love to play around with it...

    I know a little bit of Ruby, and it's so cool that you released the code.

    Edit:

    What Ruby version?

  3. #3
    Senior Member BigMac's Avatar
    Join Date
    Jan 2008
    Posts
    213

    Default Re: Evil grade style exploit, replace the binary data of a file during download...

    Quote: Originally Posted by M00kaw
    It is really, really a nice POC!
    I would love to play around with it...

    I know a little bit of Ruby, and it's so cool that you released the code.

    Edit:

    What Ruby version?

    I made this about a year ago. I started from scratch about 6 times with Ruby sockets and EventMachine... After making this thread I found arp_poisoning.rb in the Metasploit Framework and another, arp_spoofit.rb, on GitHub. Both of these could be the bare bones for this kind of exploit...

    http://metasploit.com/modules/auxiliary/spoof/arp/arp_poisoning.rb I have been messing around with this module and maybe I can get some help here...
    I just need to get my Ruby fingertips on the data 'from the client' and 'to the client'.
    I'm sure it's so simple, and this frustrates me.

    It drives me crazy because all day I think about the Ruby I will write once I can get in control of the data flow.

    In the end I'm sure I'll just have to write some ugly ettercap filters and then save the packet to a file, execute a Ruby script to modify the data, then inject it... but that sounds so lame to me, and everyone loves Metasploit.

    I'm reading the PacketFu documentation! Maybe the place to learn.
    Last edited by BigMac; 10-23-2012 at 06:36 PM.
