Products
Applications
Support
Company
How To Buy
Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Register
Skip main navigation (Press Enter).
Toggle navigation
Search Options
Home
My Communities
Communities
All Communities
Enterprise Software
Mainframe Software
Symantec Enterprise
Blogs
All Blogs
Enterprise Software
Mainframe Software
Symantec Enterprise
Events
All Events
Enterprise Software
Mainframe Software
Symantec Enterprise
VMware
Water Cooler
Groups
Enterprise Software
Mainframe Software
Symantec Enterprise
Members
Critical System Protection
View Only
Community Home
Threads
Library
Events
Members
Back to Library
Wireshark console.lua pre-loading vulnerability Exploitation and Prevention part-II
0
Recommend
Feb 08, 2012 01:15 PM
Migration User
In Wireshark console.lua pre-loading vulnerability Exploitation and Prevention Part-I, I explained how to exploit Wireshark console.lua pre-loading vulnerability in windows. In this part i will show you how to prevent Wireshark console.lua pre-loading vulnerability with Symantec Critical System Protection (SCSP).
Prevention Of Wireshark console.lua pre-loading vulnerability
1) I logged into my SCSP Server. Click on Prevention Tab --> Policies.
2) I create one policy named Wireshark Buffer Overflow Prevention to prevent Wireshark Buffer Overflow Vulnerability in Windows.
3) Right Click on Policy and Click Apply policy.
4) Select Agent and Click on Next. Now I am Appling a Prevention Policy on Our target machine.
5) SCSP Prevention is enabled on Windows XP machine.
6) Server is already running on Attacker Machine to listen connection from other machine's.
7) Our Victim tries to access the shared folder of Attacker machine.
8) It shows a malicous pcap file om Victim Machine.
9) When Our Victim tries to open the msf.pcap file in wireshark.
8) But this time SCSP blocks the exploit to execute and didn't give shell to the attacker machine. Attacker will not get meterpreter shell even victim Opens the same file again.
So It is possibe to block Wireshark console.lua pre-loading vulnerability in Windows with Symantec Critical System Protection (SCSP).
Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads
Tags and Keywords
Related Entries and Links
No Related Resource entered.
Copyright 2019. All rights reserved.
Powered by Higher Logic