Jump to content

[SOLVED] MAJOR EXPLOIT FOUND!


FlareHAX0R

Recommended Posts

I have found a major exploit that was not detected by MBAM Anti Exploit beta!!!!

 

I was on windows 8, with chrome.

 

When I went to the exploit site, all my browser plugins and addons crashed instantly. I started getting spammed with like "Dangerous Websites Blocker has crashed" on the tray.

 

I had MBAM Anti Exploit beta open and on, viewing the logs. I went to the payload site, nothing appeared on the logs. Also, should I give the link to the mbam team? Video coming soon.

 

I call it the Ultradome Crasher exploit.

Link to post
Share on other sites

  • Staff

Please send me via PM the link that you visited and a DDS log.

 

If you can replicate it, it would be nice to check first that MBAE.DLL is correctly injected into Chrome prior to visiting the site again. You can do this with SysInternals Process Explorer. Run it as admin and use the search function to search for mbae.dll. It should be listed under the chrome.exe process space if you have Chrome open.

Link to post
Share on other sites

Please send me via PM the link that you visited and a DDS log.

 

If you can replicate it, it would be nice to check first that MBAE.DLL is correctly injected into Chrome prior to visiting the site again. You can do this with SysInternals Process Explorer. Run it as admin and use the search function to search for mbae.dll. It should be listed under the chrome.exe process space if you have Chrome open.

DDS log?

Link to post
Share on other sites

  • Staff

Sometimes exploits do that to evade being investigated by researchers. Go ahead and send me the URL and the DDS log via PM. We have ways of fooling the exploit to trigger. I want to make sure this is really an exploit and not some compatibility or application crash problem.

Link to post
Share on other sites

  • Staff

Thanks for the details @FlareHAXOR. I have tested it under multiple configurations against MBAE and manually inspected the site.

 

The site you encountered does NOT contain any exploits. It is a McAfee-owned site which does remote port scans of your PC to see how effective your firewall is.

 

The crash you encountered is most likely due to some conflict of some software, probably with your firewall, anti-virus, url filter, browser add-ons, other security software, or all of them together. The problem does not seem to have anything to do with MBAE.

Link to post
Share on other sites

  • 4 weeks later...

You can have too much security software.  I run Avast free 9.0.2011, Agnitum Outpost Firewall Pro 9.0 and EMET 4.1.  MBAE works very sociably with these and I look forward to the next version.  If I were to express a wish, it would be for the ability to disable individual application shields.

Link to post
Share on other sites

Interesting wish hake. Why would you want to disable some shields? For compatibility issues with EMET for example, for performance?? We are having a similar discussion internally and it would be interesting to know your point of view.

Just following this also as I'm interested in any thoughts that allow mbae and emet to function togrther at full potential! :huh:

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.