n00bRAT -[Linux Remote Admin Tool]-
I am working on an open-source undetectable TuX.RAT project, currently in its Beta stage, released on SourceForge at the following link.
Give feedback on how to grow this project... what our geek community wants.
URL :: http://sourceforge.net/projects/n00brat/
::Description::
An undetectable Remote Administration Tool -OR- trojan, an all-new approach. Easily usable: the client just requires any web browser to control the remote machine via a web page. It fools firewall/IDS/IPS security solutions, as it operates like any website.
::Usage::
* Remote Administration Tool for Linux/Unix (POSIX Based Machines)
* Can use it like a Trojan to test your Firewall / IDS / IPS
A Demo Video of Why This? What Code Is? How it Works?
http://www.youtube.com/watch?v=Jnx7nD0qU7M
Saturday, December 12, 2009
Tuesday, July 7, 2009
Vulnerable Microsoft's Video ActiveX Control Allows Remote Access [ 0-day attacks]
As made public on June 6, 2009, Microsoft's Video ActiveX Control has a remote code execution vulnerability: a malformed web page can trigger remote code execution on the target machine. Cybercriminals are using the vulnerability, which affects Microsoft DirectShow, to install a data-stealing trojan on target machines.
If the target user is using IE, an attacker could gain local user rights without any user intervention. So the cybercriminal just needs to persuade the victim to view the malformed web page, and the victim's machine gets compromised.
Microsoft states it is aware of the vulnerability and suggests setting the kill bit for the MPEG2TuneRequest ActiveX Control Object (CLSID 0955AC62-BF2E-4CBA-A2B9-A63F772D46CF) as the workaround to avoid the threat.
The protection it provides outweighs the minor side effects it may cause.
To Avoid Threat
The kill bit can be applied automatically to your Windows machine with the "Microsoft Fix It" online utility provided by Microsoft.com @ http://support.microsoft.com/kb/972890
Microsoft's Link : Enable The Fix || Workaround
Microsoft's Link : Disable The Fix || Workaround
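To confirm that the workaround actually took effect, the kill bit can be read back from the registry. The PowerShell below is an added example, not part of the original post or of Microsoft's Fix It; it assumes the standard kill-bit location (the "ActiveX Compatibility" key, "Compatibility Flags" value 0x400) and checks both the native and the 32-bit (Wow6432Node) registry views, since 32-bit IE on 64-bit Windows reads the latter.

```powershell
# Added example: audit the kill bit for the CLSID named in this post.
# Assumption: standard kill-bit registry location and flag value, not taken from the post.
$Clsid   = '{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}'   # MPEG2TuneRequest (from the post)
$KillBit = 0x400                                       # kill-bit flag in "Compatibility Flags"
$Roots   = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Get-KillBitState {
    param([string]$Clsid, [string[]]$Roots, [int]$KillBit)
    foreach ($root in $Roots) {
        # A registry view that does not exist (e.g. Wow6432Node on 32-bit Windows) is skipped.
        if (-not (Test-Path -LiteralPath $root)) { continue }
        $key   = Join-Path $root $Clsid
        $flags = $null
        if (Test-Path -LiteralPath $key) {
            $prop = Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
            if ($prop) { $flags = $prop.'Compatibility Flags' }
        }
        [pscustomobject]@{
            Key     = $key
            Flags   = if ($null -ne $flags) { '0x{0:X8}' -f $flags } else { '(not set)' }
            # Other flag bits may be present; only the 0x400 bit decides blocking.
            Blocked = ($null -ne $flags) -and (($flags -band $KillBit) -eq $KillBit)
        }
    }
}

$state = @(Get-KillBitState -Clsid $Clsid -Roots $Roots -KillBit $KillBit)
$state | Format-Table -AutoSize

# The control is only blocked for every IE bitness if each existing view has the bit set.
if ($state.Count -gt 0 -and -not ($state | Where-Object { -not $_.Blocked })) {
    Write-Output 'Kill bit is set in every registry view present on this machine.'
} else {
    Write-Output 'Kill bit is missing in at least one registry view; the workaround is incomplete.'
}
```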
Data 'bout Threat
* Can be exploited via any kind of HTML document: a website, an e-mail, etc. This vulnerability is not a risk if you are using Windows Vista.
* 967 Chinese websites were reported to redirect successively until finally downloading a JPG file containing the exploit, detected by Trend Micro as JS_DLOADER.BD, which downloads another piece of malware detected as WORM_KILLAV.AI. This malware disables and terminates AV processes, and drops other malware on the affected system.
Detailed Info from Microsoft Security Advisory