ClamWin 0.99 DLL Hijacking

Hi @ll, the executable installer clamwin-0.99-setup.exe available from loads and executes DWMAPI.dll or UXTheme.dll from its "application directory". For software downloaded with a web browser the application directory is typically the user's "Downloads" directory: see , and for "prior art" about...

Injecting Fake Updates: Evilgrade

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries agents, a working default configuration for fast pentests, and has it’s own WebServer and DNSServer modules. Easy to set up new...

Construct a special file name to bypass multiple anti-virus engine-vulnerability warning-the black bar safety net

Affected by the anti - virusengine: Kaspersky Antivirus Symantec AntiVirus F-Prot Antivirus ClamWin Antivirus Avast Antivirus RAV AntiVirus Microsoft AntiSpyware Tested version: Symantec AntiVirus Corporate 8.0 Kaspersky Antivirus Personal Pro 4.5.0.104 Kaspersky Antivirus For MS NTServer 4.5.0.1...