Credits go out to John Strand Evilgrade is a modular framework that allows an attacker to take advantage of poorly implemented software upgrades. An attacker can use Evilgrade in combination with DNS spoofing or a MITM attack to spoof a software update and trick the victim computer into executing arbitrary code such as a Metasploits Payload. Currently, the Evilgrade framework supports the following software: Java plugin, Winzip, Winamp, MacOS, OpenOffices, iTunes, Linkedin Toolbar, Download Accelerator, notepad , and speedbit.
Subscribe to our NewsletterLoading...
Tag CloudAnti Virus Protection Backtrack Blackhat Blog Botnet Cisco Cloud Security Cracking Cyber Security cyber security conference Data Security Educational Purposes Exploit Free Anti Virus Google Hack Hacking Hard Drive Recovery Honey Pot Honeypot Internet Security Lessons Learned Linux Mainstream Malware Management Tools Metasploit Mitm Network Security Nmap Passwords Penetration Penetration Testing Remote Exploit Security Test Speakers Ssl Steganography Symantec Testing Tool Voip Testing Vulnerabilities Wireshark Zero Day Zeus