[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Flash that simulates virus scan
- To: "Joshua Tagnore" <joshua.tagnore@xxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Flash that simulates virus scan
- From: reepex <reepex@xxxxxxxxx>
- Date: Wed, 31 Oct 2007 16:56:20 -0500
resulting to se in a pen test cuz you cant break any of the actual machines?
lulz
On 10/31/07, Joshua Tagnore <joshua.tagnore@xxxxxxxxx> wrote:
> List,
>
> Some time ago I remember that someone posted a PoC of a small site that
> had a really nice looking flash animation that "performed a virus scan" and
> after the "virus scan" was finished, the user was prompted for a "Download
> virus fix?" question. After that, of course, a file is sent to the user and
> he got infected with some malware. Right now I'm performing a penetration
> test, and I would like to target some of the users of the corporate LAN, so
> I think this approach is the best in order to penetrate to the LAN.
>
> I searched google but failed to find the URL, could someone send it to
> me ? Thanks!
>
> Cheers,
> --
> Joshua Tagnore
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/