<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Vanessa is playing upbeat happy music in the office all day, which
is making me optimistic. So hopefully everyone who gets this email
will log in and vote on the two new talks, especially considering
JDuck made a little sign in his own handwriting that says "Vote for
me!" nicely. <a href="http://opencfp.immunityinc.com/cfp/1/">http://opencfp.immunityinc.com/cfp/1/<br>
</a><br>
Note that after voting it is customary to email
<a class="moz-txt-link-abbreviated" href="mailto:admin@immunityinc.com">admin@immunityinc.com</a> and sign up for INFILTRATE itself. :><br>
<br>
Likewise, one thing we noticed when AlexM went back to run the
NDProxy.sys exploit is that RAS has to be running for the sandbox
escape to work. Which means somewhere the original hackers who used
this had a gold build and they KNEW their target was running RAS and
XP SP3 which enabled them to optimize for minimum exposure if they
got caught. How cool is that? <br>
<br>
<a href="http://vimeo.com/85563832">http://vimeo.com/85563832 </a><---awesome
video go click it now!<br>
<br>
We didn't point out in the video that CANVAS has postactions, so you
could theoretically update the Acrobat exploit (which is weirdly
reliable) to automatically use NDProxy to break you out to SYSTEM if
possible. Demos are more fun when there's some manual effort
involved.<br>
<br>
(Note: We still have a video for you on the Android Ad exploitation
effort coming out very....shortly...).<br>
<br>
-dave<br>
<br>
</body>
</html>