Search:
Advanced search
|
Multi browser exploitArticle ID: 211
Last updated: 26 May, 2015
DetailsThis exploit targets:
Requirements/Conditions/Restraints
If some of the above requirements are not met, the agent will not be installed, while the website is correctly displayed. No alert message is displayed when accessing the exploiting website, no user interaction is required but browsing the infecting URL. If the exploit is successful, the scout will start after the next logon or system reboot. All the exploits are one-shot: the exploiting URL will try to exploit only the first user that browses it; all subsequent visitors will see the site content with no exploit. InstructionsWe offer three different ways to deliver the exploit: A) Hosted We offer our anonymous network infrastructure to host a fake website that will infect the target and then redirect to a chosen website (e.g. http://www.cnn.com). The client sends us:
We send to the client:
B) HTML We provide an HTML snippet containing an iframe that loads the exploit code. Such code can be deployed in a custom website hosted by the client or using the TNI. The exploit will be available only for a limited period of time, after 7 days it will automatically deactivate itself.
|