|
|
|
Bypassing Windows Unknown Publisher Verification For Web Downloaded Executables |
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Bypassing Windows Unknown Publisher Verification For Web Downloaded Executables Par EvilFingersLe [2009-12-11] à 12:18:48
Présentation : I was in another day of jumping from a client to a client, securing another bank in Israel when my girlfriend called and said Honey, I am at the office, I have absolutely nothing to do and I can't connect from here to our computer at home to continue my project . I said, O.K, let's see what we can do on a 5 minute phone call. Now just want to make it clear, my girlfriend is an Information System Instructor, she is no developer or hacker. Me Honey, go to http www.teamviewer.com, can you download it Her yes, but when I run the setup.exe it says something weired like 'windows has blocked this software because it can't verify the publisher' and it won't let me install Me O.K, Open Start-Run, type notepad and space, now click on setup.exe and drag it to the text box at Start-Run. Now add ' Zone.Identifier' just before the last quotes. What do you see Her I see something like ZoneId 3, now what Me I can't talk, going into a meeting, try to change it to 1 or delete everything, bye bye bye After 10 minutes I get an SMS thanks honey it worked .Well we found a bug, I wouldn't really call it a Privilege Escalation but I guess you don't have to be a hacker to bypass windows security restrictions
Les mots clés de la revue de presse pour cet article : windows
Les videos sur SecuObs pour les mots clés : windows
Les mots clés pour les articles publiés sur SecuObs : windows
Les éléments de la revue Twitter pour les mots clé : windows
Les derniers articles du site "EvilFingers" :
- EFBlog Moved Permanently
- Crimeware in 2009
- Anti-Virus Live 2010. Talking with the enemy
- RussKill. Application to perform denial of service attacks
- Bypassing Windows Unknown Publisher Verification For Web Downloaded Executables
- Fusion. A concept adopted by the current crimeware II
- Disinformation campaign to spread malware
- A brief glance inside Fragus
- Exploiting WebView through Internet Explorer to remotely discover windows directory
- Koobface campaign spread through Blogspot
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
| Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|
