Hackers’ Project – Browser Exploit Code Hiding


Hackers are developing new software that will help hide browser attack code from some types of security software.

The software, called VoMM (eVade o’ Matic Module), uses a variety of techniques to mix up known exploit code so as to make it unrecognizable to some types of antivirus software.

Using these techniques, VoMM “can create an endless number of variants of an exploit,” said Aviv Raff, one of the developers behind the project.

“It aims to provide several techniques out of the box to make browser exploits (mostly) undetectable,” according to a blog posting by one of the project’s founders, a hacker going by the name of “LMH.” That posting can be found here.

The software users server-side scripting technology to create new versions of the exploit code, which then get delivered to browser users when they visit the attacker’s Web site. By making a number of cosmetic changes to the code that do not affect its functionality, VoMM creates a new version of the malicious software that cannot be detected by “signature-based” techniques.

Signature-based antivirus products analyze known malware and then create a digital fingerprint that allows the antivirus software to identify malicious code. By adding extra components — tabs and spaces, and random comments and variable names — that are not included in known signatures, VOMM creates software that can evade detection.

The VoMM code is expected to be included in a new module for the upcoming 3.0 version of the widely used Metasploit hacking toolkit, Raff said. Metasploit developer HD Moore is also developing the VoMM software. Raff’s blog posting on the project can be found here.

Source: Infoworld

Posted in: Secure Coding, Web Hacking

, , , , ,


Latest Posts:


zBang - Privileged Account Threat Detection Tool zBang – Privileged Account Threat Detection Tool
zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations & red teams can use it to identify attack vectors
Memhunter - Automated Memory Resident Malware Detection Memhunter – Automated Memory Resident Malware Detection
Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving threat hunter analysis process.
Sandcastle - AWS S3 Bucket Enumeration Tool Sandcastle – AWS S3 Bucket Enumeration Tool
Sandcastle is an Amazon AWS S3 Bucket Enumeration Tool, formerly known as bucketCrawler. The script takes a target's name as the stem argument (e.g. shopify).
Astra - API Automated Security Testing For REST Astra – API Automated Security Testing For REST
Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs.
Judas DNS - Nameserver DNS Poisoning Attack Tool Judas DNS – Nameserver DNS Poisoning Attack Tool
Judas DNS is a Nameserver DNS Poisoning Attack Tool which functions as a DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation.
dsniff Download - Tools for Network Auditing & Password Sniffing dsniff Download – Tools for Network Auditing & Password Sniffing
Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network


2 Responses to Hackers’ Project – Browser Exploit Code Hiding

  1. Murder By Music November 21, 2006 at 9:14 am #

    Its this sort of stuff that give hackers a bad name.

  2. amrish November 21, 2006 at 9:46 am #

    i know all abot the internet hacking pls infom me immediate as u know abt the password hacking