1   1  /  1  页   跳转

已删除

已删除

已删除
最后编辑taylor05771 最后编辑于 2010-10-15 21:00:56
分享到:
gototop
 

引用:
【普通人的贴子】工具????
...........................

工具在下载地址
gototop
 

好像6.0也涉及
gototop
 

盗版 不能用
gototop
 

引用:
【wasjb的贴子】简直胡说八道的.你再好好看看原文,原文最后一句是:ZA PRO5.5以上正式版用户,有"程序控制"功能,不受上述恶意代码影响.
...........................

5.5以上的版本有个溢出漏洞
要做一样做
还有 出了这样天大的事情 这么NB 的工具
要是咖啡 不杀这个工具 咖啡可以关门了
gototop
 

补充一下 该漏洞的原文
Hi All !!

While I was testing desktop based firewalls (here it is Zone Alarm Pro) with
the firewall evasion kit developed by me, I found that a very old flaw still
exists in many latest versions of desktop based firewalls. It is possible
for a malicious program to bypass a desktop based firewall by using DDE-IPC
(Direct Data Exchange - Interprocess Communications) which enables an
un-trusted program to communicate with the attacker or access internet via
other trusted programs (Ex: Internet Explorer). This flaw is known since
before year 2003.

As per a post by Te Smith (Sr. Director, Corporate Communications, Zone
Labs), this issue is resolved in higher version Zone Alarm Pro having
Advanced Program Control feature. (Ref #
http://seclists.org/lists/bugtraq/2003/Jul/0000.html) However, I find that
this issue still exists in higher versions of Zone Alarm Pro and might also
exist in other desktop based firewalls.

I didn't find any good PoC around, so I thought of writing a PoC which can
demonstrate and explain how an un-trusted program can access internet or
establish connection with the attacker via other trusted programs by
leveraging over the DDE-IPC design flaw.

The PoC can be downloaded from the following link:
http://hackingspirits.com/vuln-rnd/vuln-rnd.html


gototop
 
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT