This is not the correct place to make assumptions of this type. Please be concrete with your security reports whereby you include a summary of what you are trying to make a point out of here, and not baffle on high-level details that is not of relevance.
POC stands for Proof of Concept, and nothing else. On Tue, Oct 10, 2017 at 4:26 PM, Stealth Mode <stealthmode1...@gmail.com> wrote: > POC far as I know is always Point Of Contact. Or Professional Overseas > Contractor. > > Unless you are referring to Packet Order Correction in reference to > networking. Which yes, even then, does not apply in this situation. > > -StealthMode > > On Tue, Oct 10, 2017 at 10:19 AM, Alan Love <mumphs...@gmail.com> wrote: > >> Did you read how that's actually exploited? It would require another >> malicious script to parse the exif tag and eval some PHP. How exactly would >> a similar situation occur on a hosted game server? Do you have a poc? You >> say this email chain is one but I dont think you quite know what you're >> talking about. >> >> On Oct 10, 2017 9:15 AM, "Stealth Mode" <stealthmode1...@gmail.com> >> wrote: >> >>> This email is fine for a POC. Far as the exploit, for those who arent >>> familiar, this is an example. >>> >>> https://www.trustwave.com/Resources/SpiderLabs-Blog/Hiding-W >>> ebshell-Backdoor-Code-in-Image-Files/ >>> >>> On Tue, Oct 10, 2017 at 5:19 AM, Saint K. <sai...@specialattack.net> >>> wrote: >>> >>>> Do you have a POC? >>>> >>>> >>>> * From: * Stealth Mode <stealthmode1...@gmail.com> >>>> * To: * <csgo_servers@list.valvesoftware.com> >>>> * Sent: * 10/10/2017 12:44 AM >>>> * Subject: * Re: [Csgo_servers] Custom files exploit >>>> >>>> Yes, IT skills. Electronics skills. And old school knowledge of how to >>>> inject image files with malicious code (NetSec/ITSec). This is an older >>>> style of "hacking". Remember those warnings about clicking download >>>> attachments from the 90s onward? Same thing still applies. Except, there is >>>> no detection for any hlds/go server, so an injected image can contaminate a >>>> server cache. Which in turn will infect clients. Any image file, any data >>>> file really, can be modified like this. Willing to bet good money those >>>> $500. go weapon skins have hack code scripted and injected into the image. >>>> >>>> >>>> On Mon, Oct 9, 2017 at 11:59 AM, iNilo <inilo.in...@gmail.com> wrote: >>>> >>>> Sure, >>>> >>>> But you have anything to back this up? (don't take it the wrong way) >>>> >>>> Nilo. >>>> >>>> 2017-10-09 16:54 GMT+02:00 Stealth Mode <stealthmode1...@gmail.com>: >>>> >>>> Headsup admins/owners. Might want to disable custom files till valve >>>> addresses this issue brought to their attention a month ago. >>>> There is an exploit where any client with minor skill can inject custom >>>> files with all types of malicious code. From hacks in weapon skins, to >>>> ransomware in custom .bsp, to remote backdoors in custom spray paints. >>>> >>>> The exploit is injecting code into any image, sound, or data file. You >>>> can take weapon skins (csgo), sound files, spray paint image files, even >>>> .bsp/etc. and inject hack code, or actual ransomware, viruses, or >>>> Trojans/rootkits directly into a server cache, or client cache via the >>>> custom file. >>>> >>>> Might want to disable custom files till valve decides to correct this >>>> issue. >>>> >>>> -StealthMode >>>> >>>> _______________________________________________ >>>> Csgo_servers mailing list >>>> Csgo_servers@list.valvesoftware.com >>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>>> >>>> >>>> >>>> _______________________________________________ >>>> Csgo_servers mailing list >>>> Csgo_servers@list.valvesoftware.com >>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> Csgo_servers mailing list >>>> Csgo_servers@list.valvesoftware.com >>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>>> >>>> >>>> _______________________________________________ >>>> Csgo_servers mailing list >>>> Csgo_servers@list.valvesoftware.com >>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>>> >>> >>> >>> _______________________________________________ >>> Csgo_servers mailing list >>> Csgo_servers@list.valvesoftware.com >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>> >> >> _______________________________________________ >> Csgo_servers mailing list >> Csgo_servers@list.valvesoftware.com >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> > > > _______________________________________________ > Csgo_servers mailing list > Csgo_servers@list.valvesoftware.com > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >
_______________________________________________ Csgo_servers mailing list Csgo_servers@list.valvesoftware.com https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
