|
|
BugTraq
RE: Followup: vuln in WinBlox monitor for winnt Mar 31 2004 06:36PM Drew Copley (dcopley eeye com) (1 replies) RE: Followup: vuln in WinBlox monitor for winnt Mar 31 2004 03:35AM Oliver Lavery (oliver lavery sympatico ca) (1 replies) |
|
Privacy Statement |
http://umbrella.name/winblox/
there is detailed information on how to build and description on files.
WinBlox is a small tool monitoring(spy/kill) file operation and commandline execution.
pattern matching is done by PCRE.
api hooking is done by DETOURS.
the source code of monitor DLL can be directly read at:
http://umbrella.name/winblox/
there are about 600 lines of CPP.
BTW,
"Oliver Lavery" = (oliver.lavery_at_sympatico.ca):
found a vuln in WinBlox within 24 hours, and concluded it's "dangerous"
and said
"he'd release the code. So let the games begin ;) "
at
http://seclists.org/lists/bugtraq/2004/Mar/0364.html
http://seclists.org/lists/bugtraq/2004/Mar/0349.html
i hope other guys can also join this "game" - find bugs!
at last, let me repeat:
it's totally a new tool and not for operational uses.
__________________________________
Do you Yahoo!?
Yahoo! Small Business $15K Web Design Giveaway
http://promotions.yahoo.com/design_giveaway/
[ reply ]