I'm currently working on a project for my MSc in Computer Security to investigate CVE-2012-1852, which is a vulnerability within Windows XP and the mechanism for discovering other computers located on the network. It means that a Windows XP machine can be compromised just by opening a list of networked computers.
Through the process of patch analysis, which is basically looking at the disassembly of a fixed DLL file and a non-fixed DLL file to spot the differences, along with general reverse engineering via OllyDbg, I've found the vulnerable piece of code and I'm currently looking into how an exploit could be delivered.
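The patch-analysis step described above (diffing the fixed and unfixed binaries) is easier once addresses are normalised, because code that merely shifted after the fix would otherwise show up as changed everywhere. The following is an added example, not code from the original post and not the real DLL disassembly: the two listings are constructed, the `ADDR` placeholder and the regexes are my own assumptions, and the "fix" shown is a hypothetical bounds check inserted before a call.

```python
"""Normalised diff of two disassembly listings (added example, constructed data)."""
import difflib
import re

# Constructed sample listings: a small function before and after a
# hypothetical fix that adds a length check.  Addresses after the
# inserted instructions shift, as they do in a real patched binary.
BEFORE = """\
10001000  push    ebp
10001001  mov     ebp, esp
10001003  mov     ecx, [ebp+8]
10001006  mov     edx, [ebp+0Ch]
10001009  call    10002000
1000100E  pop     ebp
1000100F  ret
"""

AFTER = """\
10001000  push    ebp
10001001  mov     ebp, esp
10001003  mov     ecx, [ebp+8]
10001006  cmp     ecx, 100h
1000100C  ja      10001030
10001012  mov     edx, [ebp+0Ch]
10001015  call    10002010
1000101A  pop     ebp
1000101B  ret
"""

# Leading 8-digit address column, then any 8-digit hex operand (call/jump targets).
ADDR_COL_RE = re.compile(r"^[0-9A-Fa-f]{8}\s+")
ADDR_OPERAND_RE = re.compile(r"\b[0-9A-Fa-f]{8}\b")


def normalize(listing):
    """Strip the address column, collapse whitespace and replace 8-digit hex
    operands with the placeholder ADDR so only real instruction changes remain."""
    lines = []
    for raw in listing.splitlines():
        line = raw.strip()
        if not line:
            continue
        line = ADDR_COL_RE.sub("", line)
        line = ADDR_OPERAND_RE.sub("ADDR", line)
        lines.append(" ".join(line.split()))
    return lines


def diff_listings(before, after):
    """Return (removed, added) instruction lists after normalisation.

    The added list is where a reviewer looks first: a new compare-and-branch
    before an existing call is the classic shape of a bounds-check fix."""
    a, b = normalize(before), normalize(after)
    removed, added = [], []
    for line in difflib.unified_diff(a, b, lineterm="", n=0):
        if line.startswith(("---", "+++", "@@")):
            continue  # skip unified-diff headers
        if line.startswith("-"):
            removed.append(line[1:])
        elif line.startswith("+"):
            added.append(line[1:])
    return removed, added


if __name__ == "__main__":
    removed, added = diff_listings(BEFORE, AFTER)
    print("removed:", removed)
    print("added:  ", added)
```

On the constructed input the only reported change is the inserted `cmp`/`ja` pair; the relocated `call` target and the shifted `pop`/`ret` addresses are masked by the normalisation, which is exactly the noise you want out of the way before reading the real candidate function in OllyDbg.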
I've been able to produce a scapy script that can produce ghost machines on a network as well as "win the browser election", but the problem then is that replicating all the protocol requirements to convince the system that a scapy script is a true server machine is very complex and would take a very long time to implement.
I am therefore looking into making a few changes to a Linux program to act as the delivery mechanism for testing my proof-of-concept exploit.
Creation of Ghost Machines