Persistent Asynchronous and Fileless Backdoor
TNzWWG
TNzWWG
- No tags were found...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
2010 - Stuxnet• Exploited MS10-061 – Windows Printer Spooler• Exploited an arbitrary file write vulnerability• WMI provided a generic means of turning a file write toSYSTEM code execution!• The attackers dropped a MOF file to gain SYSTEM-levelexecution.• Microsoft fixed this exploit primitivehttp://poppopret.blogspot.com/2011/09/playing-with-mof-files-on-windows-for.html