Re: Blind Extra isn't a hacking add-on!
Please post the sorce for all to see!
Well, I investigated everything the best I could, even managing to get my hands on the source of this addon. Yes, the unencrypted, raw source. And yes, this addon does allow for remote execution. Don't believe me? Start up an http sniffer with this installed and start NVDA. You will see a request sent out to download a, fucking, python script! After being downloaded the script runs. Currently it just shows a new version of get extra being available, but this effectively means that when ever he wants, he can swap out the python code on his remote site, and then when ever blind extra is run/NVDA restarted, it executes that code. In python. A smart and effective way to make a nasty botnet. I have the source hostage. If anyone wants it, just ask.
_______________________________________________ Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
