Logo Infobyte
VOID
Home
About
Advisories
Develpments
Papers
Links
VOID VOID VOID
  Organization dedicated to research, analysis topics like security, cryptography, forensic, electronics development, reverse engineering, science in general.
Organizer of ekoparty security conference
 
void Advisories
  void
 
Red 07/02/08: PoC Novell GroupWise Messenger Client (GWIM) Remote
Francisco Amato - ISR-groupwisemsn.pl, simple fake groupwise msn server.
void Line
 
Red 12/14/07: PoC Novell Groupwise Client Remote Stack Overflow
Francisco Amato - Metasploit 2.7 and 3.0 modules.
void Line
 
Red 06/25/07: ISR-sqlget v.1.0.0
Francisco Amato - blind SQL injection tool developed in Perl. (demo)
void Line
 
Red 02/15/07: ISR-suntelnet 
Francisco Amato - Solaris automatic telnet vulnerability check.
void Line
 
Red 08/29/06: PoC / ActiveX Exploit
Francisco Amato - IBM ActiveX Code Execution
void Line
 
Red 08/14/06: ISR-Gvirtual v.1
Francisco Amato - information Gathering software, using Goggle API to discover vhosts.
sds
void  
 

ISR-evilgrade v2.0.0 

It's is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates.

More info:
Link http://www.infobyte.com.ar/down/ISR-evilgrade-Readme.txt
Link ISR-evilgrade presentation slides
Link Demo feature - (Java plugin signed certificate bypass + javapayload) = pwnage.


Download Button


Copyright 2012 Infobyte Security Research.