funsec mailing list archives
Re: Flame on!
From: valdis.kletnieks () vt edu
Date: Wed, 30 May 2012 23:23:47 -0400
On Wed, 30 May 2012 22:51:09 -0400, michael.blanchard () emc com said:
a-effin-men Rob!.... I went through the same screaming fit too.... Even though it sounds clever until you dig in just a little bit... 20 freakin meg in size? I mean seriously???? The only reason it hasn't been caught in 5 years (if that's even true) is because it's so freakin' huge LOL
All the AV products probably have a check: "If it's a binary over X bytes in size, it must be a legit binary from Microsoft or Adobe". Somebody probably just wrote a meg of code, then pasted in 19M of total dead-code crap from Microsoft Flight Simulator just to bulk it up over the limit.
"Flame can gather data files, remotely change settings on computers, turn on computer microphones to record conversations, take screen shots and copy instant messaging chats." [So? We had RATs that could do that at least a decade ago.]
How big was Back Orifice, which did much of the same stuff *way* back when?
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.