TBA. However, wanna see some screenshots? We didn't really make many, but here's some...
This is when we were still playing with DLL injection; this was us trying to crowbar an old exploit one of us wrote into C#.
This is what happens when your pure C# program injects your ASM DLL without checking what it injects into xD
Ooops... lol. This is when I realised I should be checking what I try and inject into :) Not only that, but maybe it's the DLL I'm injecting rather than my injection technique...
And that old exploit has worked! Log files cleared :) Seems my DLL injection of anything owned by SYSTEM is working! :D
By this point, I'd realised there was actually no point in injecting; it could be done through 100% pure C#. This is what happens if you overwrite the MBR with the string "BIGFLANGE"... Wow, I'm mature :)
By this point we were working on our own custom MBR... shame it didn't work :)
Carlsberg don't make virus payloads, but if they did they'd be ones featuring Pacman nomming the screen to full sound-effects and the word "0wn3d".
OK... by this point we had a fully working PoC... here's a video :)
Mandy.swf (requires Flash to play, sorry guys)... and REALLY sorry about the low quality, but hey, there's nothing I can do!