[Dailydave] Java is fun!
KF (lists)
kf_lists at digitalmunition.com
Wed May 20 15:48:14 EDT 2009
Landon was nice enough to leave the .class files non obfuscated for
those of you that missed it...
http://landonf.bikemonkey.org/static/moab-tests/CVE-2008-5353/HelloWorldApplet.class
http://landonf.bikemonkey.org/static/moab-tests/CVE-2008-5353/t.tmp
http://landonf.bikemonkey.org/static/moab-tests/CVE-2008-5353/javax/Exec.class
http://landonf.bikemonkey.org/static/moab-tests/CVE-2008-5353/javax/Exec$1.class
http://landonf.bikemonkey.org/static/moab-tests/CVE-2008-5353/fun/FunLoader.class
http://www.varaneckas.com/jad
-KF
On May 20, 2009, at 4:39 AM, Dave Aitel wrote:
> So here are a couple of blog posts about a great bug that has been
> used to great effect and is in a CANVAS installation near you!
>
> http://blog.cr0.org/2009/05/write-once-own-everyone.html
> http://landonf.bikemonkey.org/code/macosx/CVE-2008-5353.20090519.html
>
> Basically, you get to execute Java code as the user if they visit
> your web page and have Java turned on. This is default in Fedora,
> for example, and Bas handily owned my laptop with it. In CANVAS you
> don't execute commands so much as get a JavaNode connectback (which
> is somewhat similar to MOSDEF).
>
> Anyways, it's one of my favorite updates to CANVAS recently. Go
> Julian and his wacky ReplaceObject() tricks! :>
>
> -dave
>
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.immunitysec.com/pipermail/dailydave/attachments/20090520/0b425c23/attachment-0001.htm
More information about the Dailydave
mailing list