Have fun planting virus signatures in strange places that touch remote disks somehow/somewhere.

Example:

Change your mail sig to:
X5O!P%@ap[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Or send it in a browser var, as a password (quickly find the sites that don't encrypt passwords), send to open syslogs, etc.

The some AV actually delete/quarantine the file (weblogs, mailspool, {u,w}tmp etc.)!

What are your ideas?

Inspired by: sec.cs.tu-bs.de/pubs/2017-asia

@Mudge plz be sure to put one of those "This message has been virus-scanned" footers above or below the fake virus content. Seeing that helps me feel reassured.

· · Web · 0 · 0 · 1
Sign in to participate in the conversation
Mastodon

The original server operated by the Mastodon gGmbH non-profit