Notings of Attention™
Acmlmboard 2 Released
Github/GIT | @acmlmboard
Chatting Places
Discord

Affiliates
Super Mario Bros. X | Kuribo64 | NeoRHDN
Views: 11,035,544
Main | FAQ | IRC chat | Memberlist | Active users | Latest posts | Stats | Ranks | Online users | Search
11-22-24 12:55 PM
Guest: Register | Login

0 users currently in msg db 'Computer Address',0xa | 1 bot

Main - msg db 'Computer Address',0xa - ASUS LiveUpdate MitM exploit
Next newer thread | Next older thread


Arisotura
Posted on 06-05-16 03:51 PM, in Link | ID: 90426
Developer
pancakes
Level: 84


Posts: 1014/1870
EXP: 5546710
Next: 115242

Since: 01-05-12
From: France

Last post: 38 days
Last view: 38 days
source


ASUS LiveUpdate is one of ASUS' preinstalled bloatware programs, that updates shit like BIOS, drivers etc...

The updates are retrieved over plain HTTP and not authenticated. There is a way, via MitM and some other trickery, to make it run a malicious executable with admin/system privileges.



Long story short, first thing to do when getting a new computer is axing all the preinstalled bloatware.

____________________
Kuribo64 - melonDS

want some revolution in your coffee?

Danielle
Posted on 06-05-16 07:24 PM, in Link | ID: 90428
Normal User

Miracles Happen
When you believe...
Level: 256


Posts: 2749/25311
EXP: 270479673
Next: 1643754

Since: 07-16-12
From: Albany, NY
OS: Windows 98

Last post: 357 days
Last view: 357 days
Just as bad as the Lenovo "Superfish" malware, too :P Typically whenever I buy a name brand machine I do a full format and erase the hard drive and do a clean install using the OEM supplied key ;)


"Miracles happen, when you believe..."
YouTube

Next newer thread | Next older thread
Main - msg db 'Computer Address',0xa - ASUS LiveUpdate MitM exploit


Acmlmboard v2.5.6 (06/11/2024)
© 2005-2024 Acmlm, Emuz, et al.

Page rendered in 0.046 seconds. (759KB of memory used)
MySQL - queries: 63, rows: 486/519, time: 0.038 seconds.