Dailydave mailing list archives
Exploits are important (or "Challenging your assumptions")
From: Dave Aitel <dave () immunityinc com>
Date: Wed, 11 May 2011 13:49:56 -0400
You'd think it would go without saying, but it clearly does not. But it comes down to this: Exploits are important.

Is it true that you can hack without them: Yes. You can hack, as Mitnick keeps pointing out, with just a phone and a dream. For example, Val Smith did a post recently on how he does not use exploit frameworks to hack (http://carnal0wnage.attackresearch.com/node/453) and you don't HAVE to.

But that doesn't challenge an organization's assumptions. People expect to get lied to. And they expect misconfiguration and lacking IT management. But exploits they don't expect, even when they should.

Exploits provide 3 major assumptions to attackers:

1. The attacker is ring0 on any machine they can execute binary code on
2. The attacker can execute binary code on any machine they can convince to connect to them (say, a browser)
3. The attacker can execute binary code on any machine they can get to execute interpreted bytecode (say, a PHP interpreter, or Python on Google App Engine, or Adobe Reader)

Even without 0day, this is true because of the speed exploits come out: CANVAS, for example, had the pkexec bug released to customers yesterday (which YOU I'm sure have already patched, but most people haven't). We had the OS X local within a day, the MS11-032 local within a day. This is the first assumption written, not as an abstract concept, but as a 3K USD per-pentester a year subscription.

So yes, even though, as Val Smith says, learning a complex toolset like an attack framework requires significant time investment, if it can get you root once, when otherwise you'd have to fiddle around guessing passwords and leaving logs, it's well worth it.
:>

-dave
Current thread:
- Exploits are important (or "Challenging your assumptions") Dave Aitel (May 11)
- Re: Exploits are important (or "Challenging your assumptions") Val Smith (May 11)
- Re: Exploits are important (or "Challenging your assumptions") Mohammad Hosein (May 12)
- Re: Exploits are important (or "Challenging your assumptions") Val Smith (May 12)
- Re: Exploits are important (or "Challenging your assumptions") Vitaly Osipov (May 13)
- Re: Exploits are important (or "Challenging your assumptions") Daniel Clemens (May 13)
- Re: Exploits are important (or "Challenging your assumptions") Mohammad Hosein (May 12)
- Re: Exploits are important (or "Challenging your assumptions") Val Smith (May 11)