[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Binary Planting Attack Vectors - There's more than one way to skin a cat... or plant a binary, for that matter
- To: <bugtraq@xxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>, <cert@xxxxxxxx>, <si-cert@xxxxxxxx>
- Subject: Binary Planting Attack Vectors - There's more than one way to skin a cat... or plant a binary, for that matter
- From: "ACROS Security Lists" <lists@xxxxxxxx>
- Date: Mon, 20 Sep 2010 18:52:19 +0200
ACROS Security is presenting an analysis of many different delivery methods for
binary planting attacks, providing a hopefully more comprehensive view on the
feasibility of such attacks. We looked at some of the most popular web
browsers, most
popular e-mail clients and most popular document readers, trying to use them as
delivery mechanisms for binary planting attacks.
Some interesting findings:
- Clicking a link to a remote shared folder on a web page will open this share
in
Windows Explorer without a warning for 67% of all Internet Explorer users.
- Clicking a link to a remote shared folder in an e-mail message will open this
share
in Windows Explorer without a warning for all Outlook, Windows Mail and Windows
Live
Mail users, regardless of their default web browser. (E-mail is the most likely
vector for targeted attacks on corporate and government networks.)
A full commentary:
http://blog.acrossecurity.com/2010/09/binary-planting-attack-vectors.html
Analysis: http://www.binaryplanting.com/attackVectors.htm
Do the demonstrations for yourself and let us know how they worked for you.
Pleasant reading,
Mitja Kolsek
CEO&CTO
ACROS, d.o.o.
Makedonska ulica 113
SI - 2000 Maribor, Slovenia
tel: +386 2 3000 280
fax: +386 2 3000 282
web: http://www.acrossecurity.com
ACROS Security: Finding Your Digital Vulnerabilities Before Others Do