If at first you don't succeed; call it version 1.0
Monday, April 24, 2006

"...DOM-Hanoi is a community-developed utility for verifying browser integrity, written by H D Moore and Aviv Raff.
DOM-Hanoi will look for common DHTML implementation flaws by adding/removing DOM elements, in a similar way to the known Tower of Hanoi game..."

http://metasploit.com/users/hdm/tools/domhanoi/domhanoi.html


Monday, April 24, 2006 4:39:41 PM UTC | Security
Monday, April 10, 2006

"...CSSDIE is a community-developed utility for verifying browser integrity, written by H D Moore, Matt Murphy, Aviv Raff, and Thierry Zoller. CSSDIE will look for common CSS1/CSS2/CSS3 implementation flaws by specifying common bad values for style values..."

http://metasploit.com/users/hdm/tools/see-ess-ess-die/cssdie.html


Monday, April 10, 2006 6:20:38 PM UTC | Security
Saturday, April 01, 2006

On Thursday a new generation of the createTextRange exploit was released under Metasploit.

A few hours later, an article was published on TechWeb in which AV vendor Fortinet claimed that this exploit is much faster (??) than the older exploits and, probably after reading my blog post, that older exploits caused the browser to freeze.

According to my tests using VirusTotal, Fortinet was the only AV vendor to create a signature for the new generation - JS/CreateTextRange.B!exploit.

Well, that was up until today, when a new revision of the createTextRange exploit was published under Metasploit and Milw0rm.

The new revision demonstrates better AV/IDS evasion techniques by using random variable/function names; the names apparently are included in the "generic" signatures of the AV and IDS vendors.

And no, this is not an April Fools' Day prank.

10 days (or less) left for the MS patch.
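The point above about signatures that depend on variable/function names, as an added example (not code from this blog, Metasploit, or any AV vendor): a name-based pattern misses a renamed variant, while a fingerprint taken after canonical renaming of identifiers does not. It goes beyond the post by showing one general normalization approach; the snippets, the signature and all function names are constructed for illustration.

```python
import hashlib
import re

# Constructed, harmless snippets (not the exploit code): the same script
# structure with different author-chosen names, plus an unrelated script.
ORIGINAL = 'function trigger(){var box=document.getElementById("c");box.createTextRange();}'
RENAMED = 'function qZx81(){var mPl3=document.getElementById("c");mPl3.createTextRange();}'
UNRELATED = 'function trigger(){var box=document.getElementById("c");box.focus();}'

# Hypothetical name-based signature: depends on names the author picked.
NAME_SIGNATURE = re.compile(r"function\s+trigger\b.*\bbox\.createTextRange\(")

# Names an author cannot rename: language keywords and browser API names.
FIXED = {"function", "var", "document", "getElementById", "createTextRange", "focus"}

# One alternative per token kind: string literal, identifier, whitespace.
TOKEN = re.compile(r"""("[^"]*"|'[^']*')|([A-Za-z_$][A-Za-z0-9_$]*)|(\s+)""")

def canonicalize(script):
    """Rename author-chosen identifiers to ID1, ID2, ... in order of first use."""
    seen = {}
    def repl(m):
        if m.group(1):   # string literal: keep only the fact that it is a string
            return '"S"'
        if m.group(3):   # whitespace run: a single space keeps tokens apart
            return " "
        name = m.group(2)
        if name in FIXED:
            return name
        return seen.setdefault(name, "ID%d" % (len(seen) + 1))
    return TOKEN.sub(repl, script).strip()

def fingerprint(script):
    """Hash of the canonical form; identical for renamed variants."""
    return hashlib.sha256(canonicalize(script).encode()).hexdigest()

def name_signature_hits(script):
    return NAME_SIGNATURE.search(script) is not None

def structural_hits(script, known=fingerprint(ORIGINAL)):
    return fingerprint(script) == known

if __name__ == "__main__":
    for label, s in (("original", ORIGINAL), ("renamed", RENAMED), ("unrelated", UNRELATED)):
        print(label, name_signature_hits(s), structural_hits(s))
```

Canonical renaming only neutralizes identifier changes; variants that restructure the script need a different normalization.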

 


Saturday, April 01, 2006 9:56:28 PM UTC | Security
Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.