Turning your Antivirus into my botnet – OWASP Benelux 2013 – Slides
Below are the slides that I’ve presented at the OWASP Benelux day 2013 (Amsterdam). It covers partial results of my research about Managed Antivirus software, especially how I’ve chained multiple McAfee ePolicy Orchestrator bugs and weaknesses in order to compromise both the ePO server(s) and the managed stations. This is how ePolicy 0wner tool was born.
Thanks to the audience and the staff ! It was a very pleasant moment :-)
References:
- https://kc.mcafee.com/corporate/index?page=content&id=sb10042
- http://www.kb.cert.org/vuls/id/209131
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0140
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0141
Enjoy!
(5 votes, average: 4.60 out of 5)
Loading...
© 2013 – 2015, foip. All rights reserved.
Comments are closed.