Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MalBox Release! A Program Behavior Analysis System!

From: DFlower <dflower.zs () gmail com>
Date: Thu, 19 May 2011 20:59:12 +0800
Hi, everyone
We've published a whitepaper on Malbox's site, which will introduce 
Malbox's architecture and workflow. You can download it from 
http://malbox.xjtu.edu.cn.



On Sat, May 14, 2011 at 10:55:30PM +0100, Chris M wrote:

Not convinced.

Tried to upload a few samples, "only support EXE files" ---- no DLLs? yet
you take URLs? only to exes?

The file I upped was a PE file. Just with a renamed extension.

Also submitted a couple of "known bad" files and got a list of tcp ports
back.... how is this operating? _SHARED_ sandbox?

Whats it based on?

More information would be appreciated :)

-C

I can still get HTTP 500 errors easily. That service is running vulnerable version of Tomcat and still saying wrong 
TCP-connections with any scan url/exe-sample. JS checks aren't done in backend.

Best regards,
Henri Salo

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: