Tuesday, July 17, 2007

Phân tích Web-Attacker

WebSense vừa có hai bài giới thiệuphân tích chi tiết mã nguồn của Web-Attacker:
Simply put, Web-Attacker is a Perl CGI script designed to exploit website visitors and execute code on their local computer. The script may be purchased from a Russian group for $300 or upgraded for $25. Once it is purchased and installed, the buyer simply needs to provide some type of malware (keylogger, spyware, and the like).
Dòng quảng cáo về Web-Attacker trông khá "ấn tượng":

Dear Friends! We would like to offer you multi-component exploit Web-Attacker, that realizes vulnerabilities in the internet browsers Internet Explorer and Mozilla Firefox. With the help of this exploit you will be able to install any programs on the local disks of visitors of your web pages. In the foundation of work of the exploit Web-Attacker, there are 7 already-known vulnerabilities in the internet browsers.

Objective of the Exploit: Hidden drop of the executable from the deleted source to the local hard drive of the site visitor.

No comments: