shellcode injection - buffer overflow attack


  1. Posts : 826
    Windows 7 Ultimate x32
       #1

    shellcode injection - buffer overflow attack


    Hey guys, I wanted to share this with you and hear your suggestions/opinions about this:
    "In computer security, a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called "shellcode" because it typically starts a command shell from which the attacker can control the compromised machine...."
    Shellcode - Wikipedia, the free encyclopedia

    Cracker's Choice

    "....Buffer overflow has become one of the preferred attack methods for writers of viruses and Trojan horse programs....
    QuickStudy: Buffer Overflow
    On Windows Server 2008/Vista computers, it reduces the protection level of the computer, as it modifies the level of the Mandatory Integrity Control (MIC), leaving it low..."

    Scanned with Avast, it didn't find a thing. Malwarebytes results were (also scanned with a-squared after Malwarebytes, nothing):
    Trojan.Hiloti
    Date spotted:
    First seen on 2008-12-25.
    Last seen on 2010-02-26.

    Detection statistics:
    This object is 0.05% of all objects detected.
    1,403,342 instances detected worldwide.
    Malwarebytes.org
    Hiloti is a Trojan which downloads to the affected computer the adware detected as Lop.
    Additionally, when users access through the Firefox browser certain websites related to search engines, they are redirected to malicious websites from which more malware will be downloaded.
    What is Trojan Hiloti. Encyclopedia. Panda Security

    Now, can that trojan be somehow connected with this buffer overflow attack, or did something go wrong with Defense+? I was reading Comodo's forums and didn't find a conclusive answer.
    When I clicked Terminate (on the Defense+ pop-up window) I was expecting explorer.exe to be killed, but nothing happened, hm.

    The question remains: was the trojan responsible for that shellcode injection, did Defense+ get something wrong, or did it happen randomly...?

    Anyway, I've re-imaged the system partition, just to be on the safe side. I've lost 10-15 min of my time, which isn't that much I suppose (I've spent more time scanning than re-imaging, huh). After that, I was still paranoid, so I scanned again with Malwarebytes, and guess what? I don't have a clean image... So, for the conclusion, whoever reads this post: ALWAYS BEFORE CREATING AN IMAGE BE AT LEAST 100% SURE THAT YOUR SYSTEM IS CLEAN, ALWAYS.
    cheers
    P.S. I apologize if the post is kind of too long, I just wanted to provide information.


  2. Posts : 1,747
    window's 7
       #2

    Did your PC get back to a healthy state? Or is it still haunted by that Hiloti?


  3. Posts : 826
    Windows 7 Ultimate x32
    Thread Starter
       #3

    Format, install browser, drivers, codecs, AV + Malwarebytes + firewall + WinPatrol + hosts file, office, burning software + making a CLEAN IMAGE, I'm just fine now :) And I still don't know whether that Comodo Defense+ warning was caused by Hiloti or something else... anyway, no Hiloti now.
    cheers


  4. Posts : 1,747
    window's 7
       #4

    I thought it's a ghost, a virus that will never disappear? Scary.


 

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
