Nytro Posted January 4, 2013 Report Posted January 4, 2013 Analytical Summary Of The Blackhole Exploit Kit Description: ANALYTICAL SUMMARY OF THE BLACKHOLE EXPLOIT KITAlmost Everything You Ever Wanted To Know About The BlackHole Exploit KitThere are hundreds, if not thousands, of news articles and blog posts about the BlackHole Exploit Kit. Usually, each story covers only a very narrow part of the subject matter. This talk will summarize the history of the BlackHole Exploit Kit into one easy to follow story. There will be diagrams and flow-charts for explaining code, rather than a giant blob of illegible Javascript, PHP, or x86 Assembly.A. What a browser exploit kit is, and what it isn'tIt only does exploitsDirecting victims to the exploits is out of scopeUsually done with spam or iframe injectionsThe actual malware installed is out of scope tooWhere is exploit kit is hosted, is also quite variableB. TimelineVersion 1.0.0 - September 2010 i. It's not that different from other exploit kitsVersion 1.0.1Version 1.0.2 - November 2010 i. Changelog ii. Leaked in May 2011Version 1.1.0 - December 2010 i. ChangelogVersion 1.2.0 - August 2011 i. ChangelogVersion 1.2.1 - December 2011Version 1.2.2 i. Cryptome "Virus"Version 1.2.3 - March 2012Version 1.2.4 - June 2012 i. CVE-2012-1723 ii. CVE-2011-2110Version 1.2.5 - July 2012 i. CVE-2012-1889 ii. A single IFRAME injection campaign uses a temporal 'Domain Generation Algorithm'August 2012 i. CVE-2012-4681Version 2.0.0 - September 2012 i. Changelog ii. The official announcement isn't entirely true.C. The "Free Version"Pulled from a system with C99 ShellIonCube "copy protection"How to break IonCube obfuscationAnalysis of PHP Source CodeD. Open Source Code in usePluginDetectMaxMind GeoIPetc.E. The ExploitsCVE-2010-0188etc. etc. etc. as time allows X. There is almost no change in the expliots themselves from one version of the exploit kit to the next. Y. Currious clues about the possible authorship of some exploits Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Sursa: Analytical Summary Of The Blackhole Exploit Kit Quote
dustfeather Posted January 4, 2013 Report Posted January 4, 2013 Bine ca stiu cat despre ce e vb si ca n-am nevoie sa-l vad ca n-as fi reusit Pacat ca se balbaie ala in continuu si e enervant ca subiectul era ok. Quote