|
xXxKrisxXx
|
 |
« on: February 03, 2008, 10:40:25 PM » |
|
Sup EH-Network, Hope Everyone's Doing Well, How Bout That Super Bowl Eh.
Anyway, Just Trying To Spark A Conversation, I Was Wondering, What Is Your Personal Favorite Client Side Exploit & Why?
|
|
|
|
« Last Edit: February 03, 2008, 10:44:27 PM by KrisTeason »
|
Logged
|
eCPPT, GCIH, OSCP, OSWP
|
|
|
|
jimbob
Guest
|
|
« Reply #1 on: February 04, 2008, 04:34:52 AM » |
|
I don't have a specific favourite, whatever works is good with me :-)
The rise in the popularity of client side exploits, particularly web browser exploits, was that it debunked the age-old reasoning that you cannot get 0wned simply by looking at an email/web page/other data source. It was likely that this thinking contributed to proliferation of client side flaws.
The lesson? Never trust the data. Code like all data coming in is potential malicious and should be treated as suspect. Or is the lesson don't let the world's most popular web client rended your email?
Jimbob
|
|
|
|
|
Logged
|
|
|
|
|
BillV
|
|
« Reply #2 on: February 04, 2008, 09:27:31 AM » |
|
Yeah, I'd have to agree with jimbob. No particular favorite, just whatever can get the job done for that target.
|
|
|
|
|
Logged
|
|
|
|
|
xXxKrisxXx
|
|
« Reply #3 on: February 04, 2008, 03:42:25 PM » |
|
Ight Thanks For The Feedback.
|
|
|
|
|
Logged
|
eCPPT, GCIH, OSCP, OSWP
|
|
|
|
Kev
|
|
« Reply #4 on: February 04, 2008, 05:38:32 PM » |
|
With out a doubt my favorite client side attack is web browser exploits. Many computer savvy people know you should not download attachments but most feel safe to go and browse. If you can make someone feel like you are credible, say something like getting them to click on the link in your email that might look like a page on ebay of something you are selling, etc... you are going to get in if they are vulnerable to the exploit.
|
|
|
|
|
Logged
|
|
|
|
|
xXxKrisxXx
|
|
« Reply #5 on: February 04, 2008, 05:47:59 PM » |
|
Thanks For The Info Kev. Now I Was Wondering, What's Your Favorite Client Side Exploit Offered In Metasploit? (Ex: ms06_001_wmf_setabortproc)
|
|
|
|
|
Logged
|
eCPPT, GCIH, OSCP, OSWP
|
|
|
|
Kev
|
|
« Reply #6 on: February 04, 2008, 09:26:07 PM » |
|
My favorite metaspolit exploit? I really respect the metasploit project and in many ways I thinks it an awesome piece of code, but I rarely use it on a pentest. In fact, all most never. I still prefer to compile my own exploits and launch them. This is still the way of the hard core hacker and this is the way exploits are traded. I believe this is a must for the serious hacker. Say for instance someone sends you some new 0-day and you want to use it? But guess what, its not part of metaspoit? What do you do then?
|
|
|
|
« Last Edit: February 04, 2008, 09:29:57 PM by Kev »
|
Logged
|
|
|
|
|
xXxKrisxXx
|
|
« Reply #7 on: February 05, 2008, 12:25:18 AM » |
|
True True. Gotta Love That Its Free Too. Unlike Canvas, Core Impact, ect. I've never really looked into exploit development personally though, I will for sure sometime in the future. Was Just Asking Folks What Their Favorite Client Side Exploit In Metasploit Was.
|
|
|
|
|
Logged
|
eCPPT, GCIH, OSCP, OSWP
|
|
|
|
