ACROS Security is presenting an analysis of many different delivery methods for binary planting attacks, providing a hopefully more comprehensive view on the feasibility of such attacks. We looked at some of the most popular web browsers, most popular e-mail clients and most popular document readers, trying to use them as delivery mechanisms for binary planting attacks.
Some interesting findings: - Clicking a link to a remote shared folder on a web page will open this share in Windows Explorer without a warning for 67% of all Internet Explorer users. - Clicking a link to a remote shared folder in an e-mail message will open this share in Windows Explorer without a warning for all Outlook, Windows Mail and Windows Live Mail users, regardless of their default web browser. (E-mail is the most likely vector for targeted attacks on corporate and government networks.) A full commentary: http://blog.acrossecurity.com/2010/09/binary-planting-attack-vectors.html Analysis: http://www.binaryplanting.com/attackVectors.htm Do the demonstrations for yourself and let us know how they worked for you. Pleasant reading, Mitja Kolsek CEO&CTO ACROS, d.o.o. Makedonska ulica 113 SI - 2000 Maribor, Slovenia tel: +386 2 3000 280 fax: +386 2 3000 282 web: http://www.acrossecurity.com ACROS Security: Finding Your Digital Vulnerabilities Before Others Do _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
