Notings of Attention™
Acmlmboard 2 Released
Github/GIT | @acmlmboard
Chatting Places
Discord

Affiliates
Super Mario Bros. X | Kuribo64
Views: 8,952,621
Main | FAQ | IRC chat | Memberlist | Active users | Latest posts | Stats | Ranks | Online users | Search
03-28-24 10:40 PM
Guest: Register | Login

0 users currently in msg db 'Computer Address',0xa | 1 bot

Main - msg db 'Computer Address',0xa - ASUS LiveUpdate MitM exploit
Next newer thread | Next older thread


Arisotura
Posted on 06-05-16 03:51 PM Link | ID: 90426
Developer
pancakes
Level: 83


Posts: 1014/1868
EXP: 5395569
Next: 36652

Since: 01-05-12
From: France

Last post: 655 days
Last view: 194 days
source


ASUS LiveUpdate is one of ASUS' preinstalled bloatware programs, that updates shit like BIOS, drivers etc...

The updates are retrieved over plain HTTP and not authenticated. There is a way, via MitM and some other trickery, to make it run a malicious executable with admin/system privileges.



Long story short, first thing to do when getting a new computer is axing all the preinstalled bloatware.

____________________
Kuribo64 - melonDS

want some revolution in your coffee?

Danielle
Posted on 06-05-16 07:24 PM Link | ID: 90428
Normal User

Miracles Happen
When you believe...
Level: 254


Posts: 2749/25311
EXP: 263230616
Next: 1552709

Since: 07-16-12
From: Albany, NY
OS: Windows 98

Last post: 118 days
Last view: 118 days
Just as bad as the Lenovo "Superfish" malware, too :P Typically whenever I buy a name brand machine I do a full format and erase the hard drive and do a clean install using the OEM supplied key ;)


"Miracles happen, when you believe..."
YouTube

Next newer thread | Next older thread
Main - msg db 'Computer Address',0xa - ASUS LiveUpdate MitM exploit


Acmlmboard v2.5.5 (10/04/2020)
© 2005-2024 Acmlm, Emuz, et al.

Page rendered in 0.050 seconds. (758KB of memory used)
MySQL - queries: 59, rows: 483/515, time: 0.041 seconds.