Hi, The demo takes a while to load, goes fast, but shows how the exploit for DNS can potentially be used to get into a persons machine w/o them even being involved. Tuc/TBOH Forwarded message:

-- ISR - Infobyte Security Research -- | ISR-evilgrade | www.infobyte.com.ar |

ISR-evilgrade: is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates.

* How does it work?

It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of the victim dns traffic.

Attack vectors: ---------------------

Internal scenary: (Internal DNS access,ARP spoofing,DNS Cache Poisoning, DHCP spoofing) External scenary: (Internal DNS access,DNS Cache Poisoning)

* What are the supported OS?

The framework is multiplaform, it only depends of having the right payload for the target platform to be exploited.

Implemented modules: --------------------------------- - Java plugin - Winzip - Winamp - MacOS - OpenOffices - iTunes - Linkedin Toolbar - DAP [Download Accelerator] - notepad++ - speedbit

..:: DEMO

Demo feature - (Java plugin + Dan Kaminsky�s Dns vulnerability) = remote pwned. http://www.infobyte.com.ar/demo/evilgrade.htm

..:: AUTHOR

Francisco Amato famato+at+infobyte+dot+com+dot+ar

..:: DOWNLOAD

http://www.infobyte.com.ar/developments.html

..:: MORE INFORMATION

Presentation: http://www.infobyte.com.ar/down/Francisco-Amato-evilgrade-ENG.html