[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer

To: der Mouse <mouse@Rodents.Montreal.QC.CA>
Subject: Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer
From: "John D. Hardin" <jhardin@impsec.org>
Date: Tue, 10 Feb 2004 16:28:31 -0800 (PST)

On Tue, 10 Feb 2004, der Mouse wrote:

> Depends.  Does it include the tools necessary to sign my own code?
> 
> If so, what's to stop a malware creator from using those same tools to
> sign the attack vector?

How does the malware author get the private half of a public key you
trust for software installations?

--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin@impsec.org                        pgpk -a jhardin@impsec.org
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
  does quite what I want. I wish Christopher Robin was here."
                                -- Peter da Silva in a.s.r
-----------------------------------------------------------------------
   53 days until the Slovakian Presidential Election

Follow-Ups:
- Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer
  - From: der Mouse <mouse@Rodents.Montreal.QC.CA>

References:
- Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer
  - From: der Mouse <mouse@Rodents.Montreal.QC.CA>

Prev by Date: RE: Hysterical first technical alert from US-CERT
Next by Date: AIX password enumeration possible
Previous by thread: Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer
Next by thread: Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer
Index(es):
- Date
- Thread