Here is the motivational post I just submitted to the Defcon Speaker’s Corner about this attack:

The Talk I Can’t Give: The LNK 0Day

Defcon only makes you wait 2 months between submitting a talk and giving it, but even that is too long. Last year I had the time to add a whole new topic to my talk, and a co-presenter (RSnake) too, so I could add the latest new awesome thing. I would REALLY like to do that this time, but it’s just impossible with a 20-minute talk and a sacred mission (IPv6) that really demands all that time. So the Speaker’s Corner is perfect for me! Here is what I wish I could add to my talk:

The LNK 0day is a defect in all versions of Windows that lets you take over any Windows box. There is no patch yet, although Sophos released a tool to protect systems 2 days ago, and now Microsoft Security Essentials blocks it, so the window of worldwide vulnerability is shrinking fast.

But you could totally pwn your friends at Defcon, and laugh at them for being vulnerable. And if you administer any Windows servers, consider patching them fast!

All you need to do is install Metasploit, issue about 4 commands, and then get the victim to visit your malicious server, either with IE, or with SMB (or SMB2).

You could deliver the evil files by email, shared USB drive, etc. It’s awesome–they don’t even have to open the file. As soon as they see your LNK file and the Windows GUI tries to draw the graphic icon, the box is pwned.