
Monday, October 31, 2011

Hijacking Software updates with Evilgrade

Nowadays software developers do not spend much time on updates and secure delivery mechanisms. That’s
why standard processes for updating applications make many users vulnerable. The process is as follows:

• The application initiates the update process.

• The application connects to the DNS server to resolve the update host, for example update.app1.com.

• The DNS server replies with the server IP (for example 200.1.1.1).

• The application downloads a special file with information about the update, for example lastupdate.xml from update.app1.com.

• The application analyzes the update file and detects new updates.

• Finally, App1 downloads and executes the update:
http://update.app1.com/update.exe

A lot of applications do not verify the update’s contents and blindly trust the master update server. This does nothing to prevent an attacker from pretending to be the update server and submitting an application file to run on the system. Evilgrade is a modular framework that allows attackers to take advantage of poor update implementations by injecting fake updates.
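The check the update flow above is missing, as an added example that is not from the original post or from Evilgrade: the client pins the vendor's public key, verifies an RSA (PKCS#1 v1.5, SHA-256) signature over lastupdate.xml, and runs update.exe only if its SHA-256 matches the signed manifest. Assumptions: the manifest schema, the function names and the demo key (two Mersenne primes, constructed so the example runs offline with the standard library) are hypothetical; a real updater would use a vetted crypto library and a properly generated key.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed demo key built from two Mersenne primes: not a safe key,
# it only keeps the example self-contained and offline.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                            # public modulus, pinned inside the application
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, held only by the vendor
K = (N.bit_length() + 7) // 8        # signature length in bytes
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def emsa_encode(msg: bytes) -> int:
    """EMSA-PKCS1-v1_5 encoding of SHA-256(msg), returned as an integer."""
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    return int.from_bytes(b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t, "big")

def vendor_sign(msg: bytes) -> bytes:
    return pow(emsa_encode(msg), D, N).to_bytes(K, "big")

def signature_ok(msg: bytes, sig: bytes) -> bool:
    # Rebuild the full expected encoding and compare; never parse the recovered block.
    s = int.from_bytes(sig, "big")
    return len(sig) == K and s < N and pow(s, E, N) == emsa_encode(msg)

def accept_update(manifest: bytes, manifest_sig: bytes, payload: bytes) -> bool:
    """True only if the manifest is vendor-signed and the payload matches its digest."""
    if not signature_ok(manifest, manifest_sig):
        return False                 # unsigned or altered manifest: do not even parse it
    want = ET.fromstring(manifest).findtext("sha256")
    return want is not None and hashlib.sha256(payload).hexdigest() == want.strip().lower()

def make_release(payload: bytes):
    """Vendor side: build lastupdate.xml (hypothetical schema) and sign it."""
    manifest = ("<update><file>update.exe</file><sha256>%s</sha256></update>"
                % hashlib.sha256(payload).hexdigest()).encode()
    return manifest, vendor_sign(manifest)

if __name__ == "__main__":
    good = b"MZ constructed legitimate update"   # constructed sample payloads
    fake = b"MZ constructed substituted binary"
    manifest, sig = make_release(good)
    print("genuine update accepted:", accept_update(manifest, sig, good))
    print("swapped payload accepted:", accept_update(manifest, sig, fake))
    forged = make_release(fake)[0]               # manifest rewritten for the fake payload
    print("forged manifest accepted:", accept_update(forged, sig, fake))
```

Because the signature covers the manifest and the manifest covers the binary, a server that merely answers for update.app1.com cannot produce anything the client will run.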

Google code mirror of Evilgrade

Enjoy...
