|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [Dailydave] Still relevant after all these years... |  |
- To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
- Subject: Re: [Dailydave] Still relevant after all these years...
- From: Rafal Los <[EMAIL PROTECTED]>
- Date: Mon, 29 Dec 2008 19:28:28 +0000
- In-reply-to: <[EMAIL PROTECTED]>
- References: <[EMAIL PROTECTED]>
|
| |
First - Happy New Year all...
Now, perhaps I'm over-stating the obvious but... it seems like every year that passes the exploits get easier and easier to execute. It's not that systems are necessarily easier to hack (or maybe they are?) but that the combination of the two things outlined below is making "hacking" sort of a low-effort activity... at least on the surface. Now, before someone writes back, I fully realize that there still have to be in-depth researchers actually investigating, and writing the hard-core proggies to do these fun point-and-exploit activities... but let me put it out here...
- Tools have evolved tremendously, and abstracted the heavy-lifting from the interface. This means that there's a GUI front-end on just about anything now, and MSF and others like CANVAS are making it exponentially simpler to execute an attack
- Exploits have migrated up the stack... meaning, whereas hackers had to write actual buffer overflow code which took time to find, develop an exploit, and then test... now we've got SQLi which takes about 30 seconds to find/test/exploit... and it works universally whereas a buffer overflow or heap exploit worked on a specific target. This leads to a mass-exploitation being significantly easier, and almost a given.
I can't wait to see what '09 and beyond brings... this community is dynamic and we're always finding new ways to exploit those willing to put features ahead of security. My prediction for 2009... more exploitation not of "code" but of standards (like what happened with ClickJacking).
Again, Happy New Year, and a prosperous and healthy 2009 and beyond.
Rafal (Ralph) M. Los
IT Security - Response | Mitigation | Strategy
E-mail: [EMAIL PROTECTED]
- Blog: http://preachsecurity.blogspot.com
- LinkedIn:http://www.linkedin.com/in/rmlos
> Date: Mon, 29 Dec 2008 12:24:59 -0500
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: [Dailydave] Still relevant after all these years...
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Seems like it was just last year we were announcing the availability
> of D2's exploit pack, getting PINK ready for delivery, and wishing
> there was a remote on XP SP2. This year, of course, we will still be
> getting PINK ready for delivery, but we do have remotes on XP,
> finally, thanks to MS08-001 and (more reliably) MS08-067. Hooray for
> progress!
>
> Largely I track how hacking changes through coursework. It used to be
> that installing and using kernel rootkits would require quite a lot of
> explanation. Now it's double-click away. PHP web application exploits
> remain super-important as buffer overflows faded as a way to get onto
> Linux machines. Originally we used to spend a lot of time on
> shellcode, whereas now the shellcode libraries are big enough that
> there's something for almost every situation, usually wrapped in
> VisualSploit so I don't have to even go into how to use it from an API.
>
> Like every year, the best vulnerabilities were 0day that got
> discovered by someone not being careful enough, hackers are still
> relevant, and offense is still in a winning position.
>
> Happy New Year Everyone!
> - -dave
> (for those of you interested in actually USING VisualSploit to learn
> to write overflows...)
> Unethical Hacking Offering
> January 12-16, 2009: Duration: 5 days Cost: $5000 per person. Class
> taught at Immunity's Miami Beach HQ. Includes a CANVAS license. Email
> [EMAIL PROTECTED] for more information.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFJWQfrtehAhL0gheoRAnQpAJ93HhUn+HnCxsYBGAqFHlkE/Z8AJwCdFb9H
> 2M2TY5/x2aAQJgflWSLRjUo=
> =uEn1
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Dailydave mailing list
> [EMAIL PROTECTED]
> http://lists.immunitysec.com/mailman/listinfo/dailydave
Life on your PC is safer, easier, and more enjoyable with Windows Vista®. See how
|
_______________________________________________
Dailydave mailing list
[EMAIL PROTECTED]
http://lists.immunitysec.com/mailman/listinfo/dailydave
| |
