
List:       security-basics
Subject:    Re: .LNK vulnerability
From:       Curt Purdy <infosysec () gmail ! com>
Date:       2010-07-28 13:43:13
Message-ID: AANLkTik9Q4YHCOrg-vPei=9MuU2RB7Mfm+axX1o9R7aF () mail ! gmail ! com

Daniel,

I find the best way to understand a vulnerability and exploit is to do
hands-on work. Not only do you generate a much greater understanding
than you would if you simply read stuff, but it will remain in your
memory much longer.

I have always been a big fan of H. D. Moore's Metasploit, and
unfortunately (for us hackers, not for him as he deserves all the
money he can make) he is taking Metasploit commercial, but there is
still an open-source version available. He has a module demonstrating
the use in drive-by attacks. Per the website:

Microsoft Windows Shell LNK Code Execution
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain an icon resource pointing to a
malicious DLL. This module creates a WebDAV service that can be used
to run an arbitrary payload when accessed as a UNC path.

http://www.metasploit.com/modules/exploit/windows/browser/ms10_xxx_windows_shell_lnk_execute


And no, the link is not to a sample attack ;) It is to the module description.

Curt Purdy CISSP, GSNA, GSEC, MCSE+I, CCNA
infosysec@gmail.com
purdy@tecman.com


> Daniel Hood <dsmhood@gmail.com> writes:
> > List,
> > 
> > Can someone please share how this vulnerability actually works?
> > 
> > I'm wondering whether it's a "You visit a .php page that's infected and
> > you're exploited" or whether it's a "You click a link on a .php page and
> > it links to a .lnk file and you download it and run it and you're
> > exploited."?
> > 
> > Can someone please shed some light on this?
> > 
> > Daniel
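
A defender-side triage sketch for the shortcut behaviour described in the module text quoted above (a .LNK whose icon resource points at a DLL reached over a UNC path). This is an added example, not part of the original post and not Metasploit code. It assumes the ShellLinkHeader layout from Microsoft's MS-SHLLINK specification; the function names, host name and sample bytes are constructed for illustration.

```python
import re
import struct

HEADER_SIZE = 0x4C  # ShellLinkHeader is always 76 bytes
LINK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
HAS_ICON_LOCATION = 0x40  # LinkFlags bit: an ICON_LOCATION string is present

# UTF-16LE string of the form \\host\share\...\name.dll (or .cpl).
# Heuristic only: ANSI-encoded paths are not covered by this pattern.
_UNC_LIB = re.compile(
    rb"\\\x00\\\x00(?:[\x20-\x7e]\x00){3,259}?"
    rb"\.\x00(?:d\x00l\x00l\x00|c\x00p\x00l\x00)",
    re.IGNORECASE,
)


def triage_lnk(data: bytes) -> dict:
    """Validate the shortcut header, then list remote DLL/CPL references."""
    if len(data) < HEADER_SIZE:
        raise ValueError("too short for a ShellLinkHeader")
    size, clsid, flags = struct.unpack_from("<I16sI", data, 0)
    if size != HEADER_SIZE or clsid != LINK_CLSID:
        raise ValueError("not a Shell Link file")
    refs = sorted(
        {m.group(0).decode("utf-16-le")
         for m in _UNC_LIB.finditer(data, HEADER_SIZE)}
    )
    return {
        "has_icon_location": bool(flags & HAS_ICON_LOCATION),
        "remote_libraries": refs,
        "suspicious": bool(refs),
    }


def _sample(path: str) -> bytes:
    """Constructed test input: a valid header followed by one embedded path."""
    header = struct.pack("<I16sI", HEADER_SIZE, LINK_CLSID, 0x81)
    header = header.ljust(HEADER_SIZE, b"\0")
    return header + b"\0" * 8 + path.encode("utf-16-le") + b"\0\0"


if __name__ == "__main__":
    for p in (r"\\files.example.test\share\icons.dll",
              r"C:\Windows\System32\shell32.dll"):
        print(p, "->", triage_lnk(_sample(p)))
```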
