Attack Trojans-remote control software of its own vulnerability to your attention?-vulnerability warning-the black bar safety net

ID MYHACK58:62200818859
Type myhack58
Reporter 佚名
Modified 2008-04-22T00:00:00


from:sowhat blog

Two days before the RSA conference, there was a guy named Joel Eriksson researchers show how to attack the Trojans, particularly the Trojan control terminal)to control the“hacker”.

Eriksson found one in the Celestial Empire one of the more popular PCshare of vulnerability, you can upload the file to the control terminal of the since the start of the directory.:) ! attachments/200804/21_125731_tmp.jpg

This is his show Pcshare pictures, this one looks like and he said the vulnerability also nothing relationship.

2 0 0 5 years time, I plan to go to Germany 22C3 do a similarly-themed presentation, but later because of visa reasons, did not take place. Entitled Exploiting the Rootkit on At the time in order to fit the speech, but also to find a few Trojans vulnerabilities, such as the WinEggDrop, the.

Attack Trojans have at least two ideas:

To 1. The use of the controlled end of the vulnerability, the root someone root through the machine. For example above this Wineggdrop hole

2。 The use of the control terminal of the vulnerability, the root of the intruder's machine. For example, PCshare this hole

There is also a local opportunity, Local Privilege Escalation.

It seems now we have been satisfied with the attackoperating system, to attack the security software, the attacks of the so-called“Black soft”.

Intrusion risks, to put the horses need to be cautious.