Have a Mac? Have Java?

UPDATE 8/27/2012

TURN THAT SHIT OFF

http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/

Have a PC? Press Alt + F4 for the new version of NYSpeed!

kind of a dick move, no?

lol

Rick roll? I’m not clicking to find out, that’s for sure. LOL

Well I was running the java exploit with a do nothing payload…however I thought that might be mean.

So I changed it to just a website no java lol

Damn script kiddie.

Is this because Joyner said you don’t write viruses?

lol

pffftt, he didn’t write it. I saw LZ posting on twitter earlier today trying to acquire said code.

lol

what a slut…Apple just released a Java update today.

What? I was looking for a malware sample for that one trojan to look at…

The thing I was serving up was using metasploit with a custom payload lol

oh come on, i was just joshin with ya

Nice little job on that though. Pair that with a nice little phishing email or facebook link and you’ve got yourself some pwnage.

bump updated first post

If you have a Mac or PC might be a good idea to disable Java :slight_smile:

WTF does the exploit actually do? connects to an IP and downloads a payload?

“The applet check if the system is running Windows and gets the parameters passed from the HTML that contains the URL to download the payload. If the system is vulnerable, the payload is downloaded and executed in the system.”

How is that really any different from a majority of the other viruses. I mean Java does suck and leaves an easy gateway into the machine, but I feel like this happens quite frequently already.

Pretty much lets you execute whatever you want and doesn’t pop up that the applet is unsigned lol

---------- Post added at 10:29 AM ---------- Previous post was at 10:26 AM ----------

Looks like this if you know Java at all

This just pops calc.exe

http://pastie.org/4594319

So just because lots of other vulns exist, you should ignore this one?

I like to keep my shit secure.

^Not at all, just doesn’t seem like it’s a new exploit. I’d assume malwarebytes (pro version) as well as some others should flag the IP it’s downloading from as malicious and block it.