[Dailydave] March of the Titans

Dave Aitel dave at immunityinc.com
Wed Dec 24 09:48:21 EST 2014

Watch the SILICA video here, including the hilarious entry noise that
Nico did somehow: https://vimeo.com/115337910

SILICA has another new feature that Alex didn't mention on the video,
which is that it can replace binaries being downloaded to become CANVAS
callbacks, and get access to Windows, Linux or OS X machines that way. 
Now of course everyone on this list is like "WHO WOULD DOWNLOAD A BINARY
OVER WIRELESS AND RUN IT?!?" but the answer is "Every Windows user has
to do this about 5 times a day to do anything on their computer",  so
all of them - sadly.

Likewise, the new CANVAS release this week has a version of the
"sandworm" exploit that works on 8.1 and is an all-in-one OLE package,
which the original one wasn't for some reason. So while the original one
could not be used to worm, the CANVAS one COULD in theory, be used to
worm. Which I'm glad we did just to justify the name!


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20141224/2cb2048e/attachment.sig>

More information about the Dailydave mailing list