<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Aloha List!<br>
<br>
Although a bit later than usual we have the new CANVAS movie
detailing the new features in 6.87 available for your viewing
pleasure at:<br>
<br>
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<a class="moz-txt-link-freetext" href="http://partners.immunityinc.com/movies/CANVAS_687_1.mov">http://partners.immunityinc.com/movies/CANVAS_687_1.mov</a><br>
<br>
A few things to note about this video<br>
1) We do see the Java warning popup happen when demoing the
java_DynamicBinding, this is because I forgot to uncheck "Always Do
Recon". Unfortunately checking for the Java version means triggering
that popup. So if you want to be stealthy and use this exploit on a
gig, don't forget to uncheck the box! By default the exploit makes
use of the JNLP popup bypass technique.<br>
<br>
2) The inject_to_mem module works on Windows 32/64 as well as OSX
32/64, the technique for OSX has not been discussed anywhere else
publicly to our knowledge. The Windows technique for loading DLLs
into a process without touching disk is a variant of what was used
by Stuxnet.<br>
<br>
3) The audio does cut out for about 6 seconds around the 1:54 mark,
sorry about that<br>
<br>
As always questions can be aimed at <a class="moz-txt-link-abbreviated" href="mailto:support@immunityinc.com">support@immunityinc.com</a><br>
<br>
Cheers,<br>
-AlexM<br>
<br>
<br>
<pre class="moz-signature" cols="72">--
Alex McGeorge
Immunity Inc.
1130 Washington Avenue 8th Floor
Miami Beach, Florida 33139
P: 786.220.0600</pre>
</body>
</html>