I have to give credit to
Pauldotcom for doing a tech segment on Evilgrade on the Pauldotcom Security Weekly podcast recently. After hearing about Evilgrade I was interested in gaining more information on how the tool worked.

Evilgrade from
Infobyte Security Research is a framework similar to Metasploit Framework (MSF) except it's specifically designed to exploit software updates. The tool uses a couple of techniques including DNS manipulation and rogue upgrade servers to exploit update services of many applications including Notepad++ and Java. So you may patch your system from vulnerabilities and at the same time get a little bit extra out of your update. That's bad for you but good for an attacker.
See the Demo at your own risk >
http://www.infobyte.com.ar/demo/evilgrade.htmIt also looks like Evilgrade will get gobbled up into to MSF eventually. MSF is like the Energizer battery Bunny of "security" tools, just keeps going, going, going.......
No comments:
Post a Comment