Points of Required Attention™
Acmlmboard 2 Released
Github/GIT | @acmlmboard | IRC: #abdev
Chatting Places
IRC: #kafuka | Discord

Super Mario Bros. X | Kuribo64
Views: 4,780,066
Main | FAQ | IRC chat | Memberlist | Active users | Latest posts | Calendar | Stats | Ranks | Online users | Search
01-20-18 10:52 PM
Guest: Register | Login

0 users currently in msg db 'Computer Address',0xa | 1 guest

Main - msg db 'Computer Address',0xa - ASUS LiveUpdate MitM exploit
Next newer thread | Next older thread

Posted on 06-05-16 03:51 PM Link | ID: 90426
Acmlmboard has... side effects
Level: 69

Posts: 1014/1548
EXP: 2861435
Next: 8308

Since: 01-05-12
From: France

Last post: 2 days
Last view: 5 hours

ASUS LiveUpdate is one of ASUS' preinstalled bloatware programs, that updates shit like BIOS, drivers etc...

The updates are retrieved over plain HTTP and not authenticated. There is a way, via MitM and some other trickery, to make it run a malicious executable with admin/system privileges.

Long story short, first thing to do when getting a new computer is axing all the preinstalled bloatware.

Kuribo64 - we hack shit

Posted on 06-05-16 07:24 PM Link | ID: 90428

Just like a star up in the sky...
Level: 165

Posts: 2749/11850
EXP: 57892311
Next: 1043370

Since: 07-16-12
From: Albany, NY
Species: Catgirl
OS: Windows 7/10

Last post: 42 min.
Last view: 11 min.
Just as bad as the Lenovo "Superfish" malware, too :P Typically whenever I buy a name brand machine I do a full format and erase the hard drive and do a clean install using the OEM supplied key ;)

Just like a star up in the sky...

Next newer thread | Next older thread
Main - msg db 'Computer Address',0xa - ASUS LiveUpdate MitM exploit

Acmlmboard v2.5.3 (1/7/2018)
© 2005-2018 Acmlm, Emuz, et al.

Page rendered in 0.032 seconds. (679KB of memory used)
MySQL - queries: 55, rows: 514/538, time: 0.021 seconds.