topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 6:09 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Poll

Did you pass the Vulnerability Test?

Yes; I use a virtual sandbox
Yes; anti-spyware/firewall/anti-virus stopped the attack!
No; my PC could not stop the attack
I will not take the test

Author Topic: Poll: Vulnerability Test (spy attack: SUCCESS!)  (Read 3124 times)

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,566
    • View Profile
    • Donate to Member
Poll: Vulnerability Test (spy attack: SUCCESS!)
« on: June 17, 2007, 05:00 AM »
Reading about safety, first about firewalls, anti-spyware programs and such, and then about virtual partitions, sandboxes and stuff, I came to this page, saying:

Proof Of concept
Don’t CompromiseVirtualize!

Attention: By agreeing to perform the following PC vulnerability test, you will become subject to our “Cyber Attack”. This is only a demonstration and no actual damage will be caused to your PC or network.

We will, however, simulate a malicious file received, for example, via the Web, as an email attachment, from a memory stick, or from any other path by which an executable file can enter your system. We will attempt to prove that none of your security systems will identify or alert you to our intrusion attempt.

Step 1: Run our .exe Vulnerability Test File
As you run our .exe file, we will demonstrate how hackers can do as they like on your PC:

  • A.      Launch your Windows Calculator
  • B.      Abort your Internet Explorer
  • C.      Access several sensitive files (no harm will actually be done), and scan your ‘My 
  •       Documents’ folder, where you probably keep your private information.

  • D.      We will then place your sensitive file names (names only!) on our server. During the
  •       process, your firewall may notify you of our demo trying to access the network; this means
  •       that our demo has successfully accessed your system and is trying to report its findings to
  •       our server.


Step 2: View your PC’s Vulnerability Test results
If you allow our Vulnerability Test File to connect to the Internet, you will receive a link that enables you to view your PC’s Vulnerability Test results. As soon as you refresh that Web page, the information we were able to collect from your PC will be immediately and automatically erased from our servers.

(...)

After reading and agreeing to the above, I want to launch the Vulnerability Test File
-Buffer Zone


"I want to launch the Vulnerability Test File". I clicked the link to open the test file, and sure enough: My calculator did open, Explorer crashed, and the name of every file I have in MyDocuments was "published" on the Internet - with the headline "Process communication attack: SUCCESS!" and a last line declaring "spy attack: SUCCESS!"!!

Of course no harm was done.

Suddenly I am even more interested in virtual sandboxes!!

Can you pass the Vulnerability Test from Buffer Zone?? (scroll all down to the last line)
Please first take the test and then come back and Vote and Post.
 :tellme:

bzicon.gif  http://www.trustware...roof_of_concept.html
« Last Edit: June 17, 2007, 07:04 AM by Curt »

Hirudin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 543
    • View Profile
    • Donate to Member
Re: spy attack: SUCCESS!
« Reply #1 on: June 17, 2007, 05:35 AM »
I ran it, it did what it's apparently suppose to... interesting. No word from my security software (Kaspersky IS 6.0)

I don't know anything about malware, is it possible it worked because it was executed by a local user?

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,288
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Poll: Vulnerability Test (spy attack: SUCCESS!)
« Reply #2 on: June 17, 2007, 11:45 AM »
I don't know anything about malware, is it possible it worked because it was executed by a local user?

Executing anything as a local user is dangerous. Once you've got permissions there, anything is game.

This is just more scareware to freak people out and get them to buy.

Getting local user permissions is not easy.

And the EXE file was malicious. Unpacking it caused execution. That's just not nice. Ok - well, maybe not really malicious, but they're being very devious with the whole thing.

Heck - These guys just need to make a living like everyone else... Whatever... The EXE didn't to any harm... (Was sneaky, but no harm...)


Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: Poll: Vulnerability Test (spy attack: SUCCESS!)
« Reply #3 on: June 17, 2007, 12:08 PM »
I tend to pay a lot of attention to tests that run in the browser and and simulate what another website could do.  but any "test" which requires me to download and run an exe is not something i consider very relevant, since i think if a malicious adversary can get you to download and run an exe on your pc (and you dont run it inside a virtual machine like vmware or virtualpc), you have lost the game already, and there isn't much you can do to prevent harm.

Now that's not to say that they don't make a good product, I don't know.  If they are coming up with an easier way to virtualize specific applications, etc., that could be a cool thing.  I'm only saying i don't need a "test" to tell me that if i download and run a random exe on my machine that there is little protection against what it wants to do.
« Last Edit: June 17, 2007, 12:10 PM by mouser »