Are we tracking vulnerabilities in malware now? Improve the malware to be more resilient?
I'm just as likely to remove malware without vulnerabilities, as I am malware WITH vulnerabilities. Surely there are no bug bounties or upcoming patches (lol) for these. I guess I'm confused about the purpose of these disclosures. On Tue, Jan 19, 2021 at 9:50 AM malvuln <[email protected]> wrote: > Discovery / credits: Malvuln - malvuln.com (c) 2021 > Original source: > https://malvuln.com/advisory/07cd532823d6ab05d6e5e3a56f7afbfd.txt > Contact: [email protected] > Media: twitter.com/malvuln > > Threat: Constructor.Win32.SMWG.a > Vulnerability: Insecure Permissions > Description: Win32.SMWG VBS.sucke.gen worm generator by sevenC / N0:7 > outputs its malicious VBS script granting change (C) permissions to > authenticated users group. > > Type: PE32 > MD5: 07cd532823d6ab05d6e5e3a56f7afbfd > Vuln ID: MVID-2021-0033 > Dropped files: sucke.vbs > Disclosure: 01/18/2021 > > Exploit/PoC: > C:\>cacls c:\sucke.vbs > c:\sucke.vbs BUILTIN\Administrators:(ID)F > NT AUTHORITY\SYSTEM:(ID)F > BUILTIN\Users:(ID)R > NT AUTHORITY\Authenticated Users:(ID)C > > > Disclaimer: The information contained within this advisory is supplied > "as-is" with no warranties or guarantees of fitness of use or > otherwise. Permission is hereby granted for the redistribution of this > advisory, provided that it is not altered except by reformatting it, > and that due credit is given. Permission is explicitly given for > insertion in vulnerability databases and similar, provided that due > credit is given to the author. The author is not responsible for any > misuse of the information contained herein and accepts no > responsibility for any damage caused by the use or misuse of this > information. The author prohibits any malicious use of security > related information or exploits by the author or elsewhere. Do not > attempt to download Malware samples. The author of this website takes > no responsibility for any kind of damages occurring from improper > Malware handling or the downloading of ANY Malware mentioned on this > website or elsewhere. All content Copyright (c) Malvuln.com (TM). > > _______________________________________________ > Sent through the Full Disclosure mailing list > https://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: http://seclists.org/fulldisclosure/ > _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
