Version 1.11 of the White Phosphorus exploit pack is now ready, and contains
5 new exploit modules, including one for SCADA.
The total number of modules in the pack is now 87, with a mixture of both
remote and client side modules. For a full list of the pack contents
please contact firstname.lastname@example.org
- Highlighted Modules -
They been working hard this month on a new ASLR/DEP bypass technique
that works against IE8 and IE9. Looking forward to seeing this put to use
in some modules in the coming months.
In the meantime this pack includes an exploit for RealWin SCADA Server
On_FC_RFUSER_FCS_LOGIN Remote Overflow and a recent exploit for VLC player.
(Note from SCADAhacker: This vulnerability on the RealWin SCADA Server appears to be one of the seven previously disclosed by security research Luigi Auriemma. RealWin has confirmed that these exploits only work on the demo version of the software, and are not possible with the commercial version due to the implementation of encryption between applications. SCADAhacker and Byres Security is still investigating the credibility of this claim. These links provide additional information from Digital Bond and RealFlex.)
- Want To Know More -
Existing clients can download the new version using the original
Check out the products page on the Immunity website