[Dailydave] Walking on Sunshine

Dave Aitel dave at immunityinc.com
Mon Feb 3 15:32:04 EST 2014


Vanessa is playing upbeat happy music in the office all day, which is
making me optimistic. So hopefully everyone who gets this email will log
in and vote on the two new talks, especially considering JDuck made a
little sign in his own handwriting that says "Vote for me!" nicely.
http://opencfp.immunityinc.com/cfp/1/

Note that after voting it is customary to email admin at immunityinc.com
and sign up for INFILTRATE itself. :>

Likewise, one thing we noticed when AlexM went back to run the
NDProxy.sys exploit is that RAS has to be running for the sandbox escape
to work. Which means somewhere the original hackers who used this had a
gold build and they KNEW their target was running RAS and XP SP3 which
enabled them to optimize for minimum exposure if they got caught. How
cool is that?

http://vimeo.com/85563832 <---awesome video
go click it now!

We didn't point out in the video that CANVAS has postactions, so you
could theoretically update the Acrobat exploit (which is weirdly
reliable) to automatically use NDProxy to break you out to SYSTEM if
possible. Demos are more fun when there's some manual effort involved.

(Note: We still have a video for you on the Android Ad exploitation
effort coming out very....shortly...).

-dave
