EvilZone
Hacking and Security => Hacking and Security => : Axon October 31, 2014, 03:02:13 PM
-
http://blog.spiderlabs.com/2014/10/reflected-file-download-the-white-paper.html
Just by downloading a file from a trusted domain, attackers can gain full control over your machine. So,this means no more RAT's?
-
User have to follow the link and run by himself downloaded file, in order to execute malicious script.
Just a new way to install dropper on user's host, or RAT if it's better option for you.
-
http://blog.spiderlabs.com/2014/10/reflected-file-download-the-white-paper.html (http://blog.spiderlabs.com/2014/10/reflected-file-download-the-white-paper.html)
Just by downloading a file from a trusted domain, attackers can gain full control over your machine. So,this means no more RAT's?
Another fucking reason why we are never safe...
-
Another fucking reason why we are never safe...
Haha true that.. :D
-
Haha true that.. :D
We are just basically fucked.
-
We are just basically fucked.
We? Dude we can fuck them too.. ;)
We hackers fuck them.. ;)
-
Yeah but still, we are allllll rapeddd
-
I hate to necro my own post (not really), but all this and more is here: https://evilzone.org/hacking-and-security/blackhat-2014-%28europe%29/
-
I hate to necro my own post (not really), but all this and more is here: https://evilzone.org/hacking-and-security/blackhat-2014-%28europe%29/
Thank you for the input, never seen your original thread. Nonetheless, here a practical exploitation of RFD with JSONP.
http://blog.davidvassallo.me/2014/11/02/practical-reflected-file-download-and-jsonp/