Thursday, July 9, 2009

DirectShow MPEG2...exploits ** continues..#2

Since the MPEG2-BDATuningModelMPEG2TuneRequest exploit succeeded in gaining attention from security vendors, detection signatures and patterns have been added to their respective security products. This is still not the end: attackers have started figuring out ways to bypass the detection. One method is to separate the exploit code into different files and rename them as image files. This technique is called "Script Fragmentation". However, detection was triggered when 3.jpg, image #3 (the payload), was downloaded.

1.jpg
2.jpg

3.jpg

4.jpg
5.jpg
6.jpg

7.jpg

8.jpg

9.jpg

10.jpg

11.jpg
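A detection-side sketch of the fragmentation described above, added here as an example and not taken from the original post or any vendor's product: it flags files named like images whose bytes are not image data, then evaluates a multi-token signature over all such fragments fetched by one page load instead of one file at a time. The tokens, file names and bodies are constructed placeholders, and `scan_page_load` is a hypothetical helper.

```python
import os

# Leading magic bytes for the image types a fragment might be renamed to.
MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".png": (b"\x89PNG\r\n\x1a\n",),
}

# Placeholder tokens standing in for a real multi-part signature (constructed).
SIGNATURE = (b"TOKEN_A_OBJECT_SETUP", b"TOKEN_B_TRIGGER")


def is_disguised(name, body):
    """True when a file with an image extension does not start with image magic bytes."""
    magics = MAGIC.get(os.path.splitext(name)[1].lower())
    return magics is not None and not body.startswith(magics)


def matches(data, tokens=SIGNATURE):
    """A signature matches only when every token is present in the data."""
    return all(token in data for token in tokens)


def scan_page_load(responses, tokens=SIGNATURE):
    """responses: ordered (name, body) pairs fetched while rendering one page."""
    disguised = [(n, b) for n, b in responses if is_disguised(n, b)]
    return {
        # Non-image content served under an image name is suspicious by itself.
        "disguised": [n for n, _ in disguised],
        # Per-file scanning: what a signature applied to each download sees.
        "per_file_hits": [n for n, b in responses if matches(b, tokens)],
        # Session scanning: the fragments are evaluated together.
        "session_hit": matches(b"\n".join(b for _, b in disguised), tokens),
    }


# Constructed sample: one genuine JPEG header and two script fragments named *.jpg.
SAMPLE = [
    ("logo.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF\x00"),
    ("1.jpg", b"var s = 'TOKEN_A_OBJECT_SETUP';"),
    ("2.jpg", b"function go() { /* TOKEN_B_TRIGGER */ }"),
]

if __name__ == "__main__":
    print(scan_page_load(SAMPLE))
```

On the sample, no single file matches the signature, but the two disguised fragments are flagged and the combined stream matches.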

