[Dailydave] Two thoughts for the day:
Pusscat
pusscat at metasploit.com
Fri Apr 25 09:10:36 EDT 2008
I've got to really agree strongly concerning point #1, for two main reasons:
1. We've been turning around the patch->exploit process before full
deployment for years now, sometimes before autoupdate even sees the
patches in the US.
2. The work presented ignores the most time-consuming portion of the
exercise, being the attack vector discovery. It only automates the
portion which takes a negligible amount of time when compared to the
rest of the work needed to produce a viable exploit.
On Thu, Apr 24, 2008 at 4:51 PM, Dave Aitel <dave at immunityinc.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> 1. The sky is not falling and Microsoft does not have to rewrite their
> entire patch system to solve any pressing problems.
> (http://www.securityfocus.com/news/11514).
>
> 2. Penetration testing frameworks need to have a whole trojan framework
> as well. Our Kernel Rootkit needs to be able to install, uninstall,
> upgrade, trigger, and otherwise manipulate PINK or the
> MOSDEFService.exe. PINK 1.0 just got released and I find it quite
> interesting to see people's reactions to it.
>
>
> - -dave
>
> One last seat available in CANVAS training class next week in Miami
> Beach. May 1 & 2. $2000. Details here:
> http://www.immunityinc.com/education-canvas.shtml
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFIEPK3tehAhL0gheoRAobNAJ98X6A0ENCi20xOCIEVdgSOMh5UJQCfdtv8
> J0W8K4nMdmNVOTEFfbLUyQQ=
> =uKo3
> -----END PGP SIGNATURE-----