[Owasp-leaders] Online Binary Planting Exposure Test

Stanka Šalamun stanka.salamun at acros.si
Wed Sep 1 12:52:04 EDT 2010


Hello OWASP Leaders,

As I am not only OWASP Slovenia Chapter Leader but also the team member of
ACROS Security (we were in the middle of the newspaper storm called "binary
planting", "DLL preloading" or "DLL hijacking") I would like to inform you
about our "Online Binary Planting Exposure Test" that we made publicly
accessible for the benefit of all Windows users. This test should make it
easy for users and administrators to assess their exposure to binary
planting attacks originating from the Internet.

URL: http://www.binaryplanting.com/test.htm

Note that this test is NOT meant to answer whether you're vulnerable (at
this point where so many binary planting vulnerabilities exist out there you
certainly are vulnerable if you're on a Windows system). Rather, the test is
meant to determine whether your computer or network can be attacked from the
Internet (using any one of the known or unknown binary planting bugs).

You should also know that any network-based countermeasure (such as blocking
SMB and WebDAV at the perimeter) will stop protecting you when you connect
your computer to another network, such as a hotel-provided or public
wireless network. Running the test in various setups you're using might
therefore be a good idea.

Additional information here:
http://blog.acrossecurity.com/2010/08/online-binary-planting-exposure-test.h
tml.

Regards,
Stanka Salamun

OWASP Slovenia Chapter Leader
ACROS Security 
http://www.acrossecurity.com




More information about the OWASP-Leaders mailing list