Security Hero Rotating Header Image

Evasion with OLE2 Fragmentation

May 15th, 2009
by invalid string.

Evasion with OLE2 Fragmentation

Posted by H D Moore on May 15

Something to keep in mind when using Office doc exploits during
penetration tests:
  -
www.breakingpointsystems.com/community/blog/evasion-with-ole2-fragmentation

(links active within in the article itself)

URL: http://seclists.org/pen-test/2009/May/0043.html

Posted in: Security.
Tagged:

One Comment

  1. "Penetration Testing (pen-test) Mailing List" says:
    May 15, 2009 at 9:27 pm

    Re: Evasion with OLE2 Fragmentation

    Posted by Jeffrey Walton on May 16

    > Its embarrassing that so many products fail to detect
    > known threats that have the exact same byte stream…
    Try the EICAR test string using an arbitrary location within the file
    (rather than starting at offset 0). Only four scanner engines on
    VirusTotal.com detected the string when…

    URL: http://seclists.org/pen-test/2009/May/0048.html

Leave a Reply

Powered by WP Hashcash

Spam Protection by WP-SpamFree

Bad Behavior has blocked 499 access attempts in the last 7 days.