Stiegg larsson's asphyxia

[bwanaaa]

In the millennium series by stiegg larsson, a talented pc user named WASP designs and implements an app named asphyxia. The interesting part is how the app is constructed on the remote machine by the concatenation of individual payloads. Is this possible in reality? All my knowledge in pentesting is rather limited to standard approaches. Installing a vulnerability is based on the delivery of an intact piece of code that can execute or a single event.

The concept of piecemeal delivery of code that is assembled remotely on the target machine seems to be a devilishly difficult exploit to guard against. How would an antivirus or malware scanning app know about code fragments?

Getting back to the point though-does anyone have insight into this idea?

 

[RedCOMET]

Just finished all three books. Can't wait to see the remaining two films of the trilogy.

as for the topic... no idea.

 

[azev]

Just finished all three books. Can't wait to see the remaining two films of the trilogy.

as for the topic... no idea.

Is the first movie out already ?

 

[Scali]

Is the first movie out already ?

All three movies are out... at least in the cinema (I've seen all three, yay). I believe in some places all three are released on DVD already.
First one should be available on DVD everywhere, second one in most places anyway.

 

[Scali]

In the millennium series by stiegg larsson, a talented pc user named WASP designs and implements an app named asphyxia. The interesting part is how the app is constructed on the remote machine by the concatenation of individual payloads. Is this possible in reality? All my knowledge in pentesting is rather limited to standard approaches. Installing a vulnerability is based on the delivery of an intact piece of code that can execute or a single event.

The concept of piecemeal delivery of code that is assembled remotely on the target machine seems to be a devilishly difficult exploit to guard against. How would an antivirus or malware scanning app know about code fragments?

Getting back to the point though-does anyone have insight into this idea?

Well, I think it's impossible for the code to 'assemble itself'. So although you can smuggle the pieces onto the PC one at a time... you will need one piece that is 'intact' to assemble the rest.
But this can be a very small and simple piece, so perhaps you can make it look innocent enough to avoid detection (which I doubt... I've created a VERY simple launcher application that detects whether your system runs a 32-bit or 64-bit variation of Windows, and then selects the proper binary, and executes it. Completely harmless, but various virus scanners gave me a false positive on it. The code can be found here by the way: http://cpuinfo.svn.sourceforge.net/...ch3264/Launch3264.cpp?revision=35&view=markup)... or you can use it via some kind of exploit, where size and functionality are limited.

 

[RedCOMET]

All three movies are out... at least in the cinema (I've seen all three, yay). I believe in some places all three are released on DVD already.
First one should be available on DVD everywhere, second one in most places anyway.

Well, i know the us distrobuter's website listed the other two films being shown this summer and fall, respectively. That i'm sure can vary depending on region and what not. I saw the first film in an indie movie house.

 

[FoxFifth]

Netflix shows the first one available in DVD, Blu-ray, and streaming on 7/6/2010.

 

[Scali]

Hehe, serves you guys right... this once the US is the LAST place where a movie is released.

There's going to be a Hollywood remake aswell... I doubt it will be anywhere near as good as the original.

 

[FoxFifth]

Hehe, serves you guys right... this once the US is the LAST place where a movie is released.

There's going to be a Hollywood remake aswell... I doubt it will be anywhere near as good as the original.

We didn't get the books first either (and the translated books probably aren't as good as the originals)!

 

[mcmilljb]

In the millennium series by stiegg larsson, a talented pc user named WASP designs and implements an app named asphyxia. The interesting part is how the app is constructed on the remote machine by the concatenation of individual payloads. Is this possible in reality? All my knowledge in pentesting is rather limited to standard approaches. Installing a vulnerability is based on the delivery of an intact piece of code that can execute or a single event.

The concept of piecemeal delivery of code that is assembled remotely on the target machine seems to be a devilishly difficult exploit to guard against. How would an antivirus or malware scanning app know about code fragments?

Getting back to the point though-does anyone have insight into this idea?

It sounds devilish until you realize that the "malware" is useless until it receives all the pieces, might never get the last piece. Also how are the payloads being delivered? They would figure out how many pieces are needed, but they would just look for the code that is needed to concatenate the pieces together. It's really not a smart idea. It seems like they wanted to come up with a twist on a botnet attack or something similar.