Notings of Attention™
Acmlmboard 2 Released
Github/GIT | @acmlmboard
Chatting Places
Discord

Affiliates
Super Mario Bros. X | Kuribo64
Views: 8,954,546
Main | FAQ | IRC chat | Memberlist | Active users | Latest posts | Stats | Ranks | Online users | Search
03-29-24 12:45 PM
Guest: Register | Login

0 users currently in msg db 'Computer Address',0xa | 3 bots

Main - msg db 'Computer Address',0xa - ASUS LiveUpdate MitM exploit
Next newer thread | Next older thread


Arisotura
Posted on 06-05-16 03:51 PM, in Link | ID: 90426
Developer
pancakes
Level: 83


Posts: 1014/1868
EXP: 5395924
Next: 36297

Since: 01-05-12
From: France

Last post: 655 days
Last view: 194 days
source


ASUS LiveUpdate is one of ASUS' preinstalled bloatware programs, that updates shit like BIOS, drivers etc...

The updates are retrieved over plain HTTP and not authenticated. There is a way, via MitM and some other trickery, to make it run a malicious executable with admin/system privileges.



Long story short, first thing to do when getting a new computer is axing all the preinstalled bloatware.

____________________
Kuribo64 - melonDS

want some revolution in your coffee?

Danielle
Posted on 06-05-16 07:24 PM, in Link | ID: 90428
Normal User

Miracles Happen
When you believe...
Level: 254


Posts: 2749/25311
EXP: 263248693
Next: 1534632

Since: 07-16-12
From: Albany, NY
OS: Windows 98

Last post: 119 days
Last view: 119 days
Just as bad as the Lenovo "Superfish" malware, too :P Typically whenever I buy a name brand machine I do a full format and erase the hard drive and do a clean install using the OEM supplied key ;)


"Miracles happen, when you believe..."
YouTube

Next newer thread | Next older thread
Main - msg db 'Computer Address',0xa - ASUS LiveUpdate MitM exploit


Acmlmboard v2.5.5 (10/04/2020)
© 2005-2024 Acmlm, Emuz, et al.

Page rendered in 0.036 seconds. (759KB of memory used)
MySQL - queries: 63, rows: 487/519, time: 0.029 seconds.