<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>One thing I always look for in the IR reports I read is whether
or not anyone out there has the same kind of advanced methodology
for MITM that QUANTUM and other EQGRP tools represent. There are
a lot of different ways to do MITM. You can be close (like SILICA
with Wireless attacks) or far (SQLi in major web sites doing
directed watering hole attacks) or on the side (DNS/Naming system
attacks). Sometimes MITM is a race and sometimes it's straight
forwards. But there are clearly two types of predator societies on
the Internet: ones that eat mostly out of the overflowing bonanza
of a bug surface trough provided by MITM, and people who still do
phishing.</p>
<p>Immunity saw this many years ago, and has been crawling towards
having a good MITM framework ever since. This is a very subjective
term, since usually until you've exploited a ton of MITM bugs you
don't realize what you want in that framework. The very latest <a
href="http://www.immunityinc.com/products/innuendo/">INNUENDO</a> 1.6.1
(released today!) has a lot of scalability fixes, but also
unleashes the sniffer module into the Python executor framework
we've built up. This is the first toehold on the whole MITM
universe. <br>
</p>
<p>I don't know what the word is for the kind of thing this
MITM-focused-exploitation is. It's not "Bug Class". It's not
"Attack Surface". It's something more encompassing. Bug Galaxy?
Someone wake up Halvar and ask him.<br>
</p>
<p>Also: Don't forget to submit your talks to INFILTRATE! (<a
href="http://opencfp.immunityinc.com/">http://opencfp.immunityinc.com/</a>)<br>
</p>
<p>-dave<br>
</p>
</body>
</html>