Have a Mac? Have Java?

So not really…

Pretty much in IE/Firefox the Java applet will run and you will never know…

Chrome will still prompt a security alert to run the applet

http://cdn.ghacks.net/wp-content/uploads/2011/04/java-plug-in-550x417.jpg

They can obfuscate whatever payload and your AV won’t pick it up.

This is bad because vendors usually issue a patch relatively quickly, and this doesn’t have a patch yet, so pretty much any box running Java is vulnerable.

In Metasploit. Hooray for “hackers” now using it.

It actually being in Metasploit doesn’t mean much, since all of the MSF payloads are detected by all major AV companies.

If you understand how MSF works and have some level of skill you can modify the exploits and payloads to not be detected but that isn’t the majority of people.

Metasploit stopped trying to avoid AV because every time they changed something AV vendors would quickly evolve; now they just let users do that, which makes it harder.

Oh…you’ve got the Norton toolbar…you’re all set :P j/k. So all they need is a clever social network scheme, redirect to a website, run the applet (stealthily), check for vulnerability, download payload, run payload, do whatever…if I understand (which I probably don’t) the process correctly.

So the real issue is legit sites getting hacked quietly and someone embedding an exploit like this, or hacking 3rd-party ad sites and doing the same.

Obviously sending people spam with a malicious link is also an option.

http://www.cloudsafe365.com/blackhole-exploit-kit-explained-wordpress/

http://blogs.technet.com/b/security/archive/2012/07/19/the-rise-of-the-black-hole-exploit-kit-the-importance-of-keeping-all-software-up-to-date.aspx
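The chain described above (redirect to a landing page, applet loads in the Java plug-in, payload pulled down and run) leaves a recognizable footprint in web-proxy logs: a JAR fetched with the Java plug-in’s own user-agent string, followed seconds later by a binary download from the same host, still with the Java user-agent rather than the browser’s. The script below is an added example, not code from this thread or from any of the linked write-ups; it correlates that sequence per client over a constructed, simplified tab-separated proxy log (timestamp, client IP, method, URL, user-agent, content-type). The log format, the sample lines, the 60-second window and the content-type lists are all assumptions.

```python
"""Flag the applet-then-payload drive-by chain in proxy logs.

Added example for this thread. The log format and sample traffic are
constructed; nothing here is captured from a real incident.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample proxy log (tab-separated). Client 10.0.0.5 shows the
# chain: landing page -> JAR via Java plug-in UA -> binary via the same UA.
# Client 10.0.0.9 fetches a JAR from an intranet app and, fifteen minutes
# later, an installer with the browser UA from a different host: benign.
SAMPLE_LOG = """\
2012-08-28T10:00:01\t10.0.0.5\tGET\thttp://legit-news.example/index.html\tMozilla/5.0 Firefox\ttext/html
2012-08-28T10:00:02\t10.0.0.5\tGET\thttp://ads.example/landing.php?id=7\tMozilla/5.0 Firefox\ttext/html
2012-08-28T10:00:03\t10.0.0.5\tGET\thttp://ads.example/applet.jar\tMozilla/4.0 (Windows; U; Java/1.7.0_06)\tapplication/java-archive
2012-08-28T10:00:05\t10.0.0.5\tGET\thttp://ads.example/load.php?f=1\tMozilla/4.0 (Windows; U; Java/1.7.0_06)\tapplication/octet-stream
2012-08-28T10:05:00\t10.0.0.9\tGET\thttp://intranet.example/app/applet.jar\tMozilla/4.0 (Windows; U; Java/1.7.0_06)\tapplication/java-archive
2012-08-28T10:20:00\t10.0.0.9\tGET\thttp://updates.example/tool.exe\tMozilla/5.0 Firefox\tapplication/octet-stream
"""

# Assumed content-type sets; extend to match what your proxy actually logs.
JAR_TYPES = {"application/java-archive", "application/x-java-archive"}
BINARY_TYPES = {"application/octet-stream", "application/x-msdownload"}
WINDOW = timedelta(seconds=60)  # assumed: payload follows the applet quickly


def parse_log(text):
    """Parse the constructed tab-separated format into event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, client, method, url, ua, ctype = line.split("\t")
        events.append({
            "ts": datetime.fromisoformat(ts),
            "client": client,
            "method": method,
            "url": url,
            "host": url.split("/")[2],
            "ua": ua,
            "ctype": ctype,
        })
    return events


def find_applet_chains(events, window=WINDOW):
    """Return one finding per JAR fetch made with the Java plug-in UA that is
    followed within `window` by a binary download from the same host, also
    made with the Java UA (i.e. the applet itself pulled the payload)."""
    by_client = defaultdict(list)
    for ev in events:
        by_client[ev["client"]].append(ev)

    findings = []
    for client, evs in by_client.items():
        evs.sort(key=lambda e: e["ts"])
        for i, jar in enumerate(evs):
            if jar["ctype"] not in JAR_TYPES or "Java/" not in jar["ua"]:
                continue
            for later in evs[i + 1:]:
                if later["ts"] - jar["ts"] > window:
                    break
                if (later["ctype"] in BINARY_TYPES
                        and "Java/" in later["ua"]
                        and later["host"] == jar["host"]):
                    findings.append({
                        "client": client,
                        "host": jar["host"],
                        "jar": jar["url"],
                        "payload": later["url"],
                        "seconds": (later["ts"] - jar["ts"]).total_seconds(),
                    })
                    break  # one finding per JAR is enough to alert on
    return findings


if __name__ == "__main__":
    for finding in find_applet_chains(parse_log(SAMPLE_LOG)):
        print(finding)
```

The same-host and same-user-agent conditions are what keep this from firing on ordinary Java Web Start or intranet applet use, but they are also easy for a kit to sidestep (second-stage from a different host, or a payload served as `text/html`), so treat a hit as a pivot point for looking at the client, not as proof on its own.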

Here you go start hacking

Ya, it isn’t hard to trick most AVs. MSF has some fun stuff in it. Here is a video if anyone is bored, and some other stuff.

http://www.securitytube.net/video/2666

Whole MSF training
http://www.securitytube.net/groups?operation=view&groupId=10
http://www.offensive-security.com/metasploit-unleashed/

When you get good, here is the Meterpreter script that you can have fun with, but it may be outdated. Had this one bookmarked a while ago while playing around with some stuff.
http://pastebin.com/fXF2jKwY

Microsoft Security Essentials picks up all the Metasploit payloads (Java, PHP, compiled C).

You need to roll a custom payload; it will stop exploits before you even get a chance to kill off AV.