lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 28 Jul 2004 10:30:35 +0100
From: Kev Ford <kev@...d.co.uk>
To: bugtraq@...urityfocus.com
Subject: Re: eSafe: Could this be exploited?


On 26 Jul 2004, at 21:26, Hugo van der Kooij wrote:
>
> If someone is able to create a test executable based on the EICAR 
> string
> the point might be proven. Unfortunatly I am not a programmer and lack
> window compiler tools all together. But if someone thinks (s)he can 
> create
> a sample binary that may run when the last bit is shot to pieces and 
> still
> contain a valid EICAR definition to show to the screen the issue might 
> be
> proven.
>
Just an idle thought, but what about scripting? Would it be possible to 
get some simple scripts through simply by making a large portion of the 
end of the message useless comment fields? Maybe even a worm that 
rewrites this 'noise' every time to make a moving target?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ