[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] MalBox Release! A Program Behavior Analysis System!
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] MalBox Release! A Program Behavior Analysis System!
- From: DFlower <dflower.zs@xxxxxxxxx>
- Date: Thu, 19 May 2011 20:59:12 +0800
Hi, everyone
We've published a whitepaper on Malbox's site, which will introduce
Malbox's architecture and workflow. You can download it from
http://malbox.xjtu.edu.cn.
> On Sat, May 14, 2011 at 10:55:30PM +0100, Chris M wrote:
>> Not convinced.
>>
>> Tried to upload a few samples, "only support EXE files" ---- no DLLs? yet
>> you take URLs? only to exes?
>>
>> The file I upped was a PE file. Just with a renamed extension.
>>
>> Also submitted a couple of "known bad" files and got a list of tcp ports
>> back.... how is this operating? _SHARED_ sandbox?
>>
>> Whats it based on?
>>
>> More information would be appreciated :)
>>
>> -C
> I can still get HTTP 500 errors easily. That service is running vulnerable
> version of Tomcat and still saying wrong TCP-connections with any scan
> url/exe-sample. JS checks aren't done in backend.
>
> Best regards,
> Henri Salo
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/