App Review Bypass Firewall kaspersky 2017

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
W

Wave

According to YouTube the video is set to private so I cannot view it.

https://snag.gy/NdTAHD.jpg

NdTAHD.jpg

If you don't mind me asking, what is the purpose/scope of the vulnerability (as in what does the bypass actually result in, e.g. execute malware and perform actions without triggering the protection, bypass self-protection to terminate Kaspersky Firewall from memory, privilege escalation, etc)?
 
  • Like
Reactions: Cats-4_Owners-2, frogboy, Deleted member 2913 and 5 others
E

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
as far as I know, if the program is already executed before being blocked by kaspersky firewall or application control it is not applied yet. The rule is applied after you turn the app off and open it again

I tried to block iobit advanced system care service using app control when it was running in background but the service was still running without being killed. Then manually killed the service and then I wouldnt be able to execute anymore
 
  • Like
Reactions: Cats-4_Owners-2, Deleted member 2913, harlan4096 and 6 others
DardiM

DardiM

Level 26
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
May 14, 2016
1,597
Evjl's Rain said:
as far as I know, if the program is already executed before being blocked by kaspersky firewall or application control it is not applied yet. The rule is applied after you turn the app off and open it again

I tried to block iobit advanced system care service using app control when it was running in background but the service was still running without being killed. Then manually killed the service and then I wouldnt be able to execute anymore
Click to expand...
Yes, it would be interesting to see the same bypass without the prog already in memory :D
and without "resume" used.

I made a test with ZAM already running.

- I run a Deep scan
- I selected deny during the scan
=> cloud blocked : "No internet connection" (no need to quit and run again)
So the bypass seems to be working, by using the Freegate + proxy and the IDE on "pause"
(no other stuff)

A lot of steps have to be done manually, curious to see if a malware can do that without KIS blocking o_O
 
Last edited:
  • Like
Reactions: Cats-4_Owners-2, Deleted member 2913, harlan4096 and 5 others
H

hjlbx

aliali said:
Yes 4 years ago

kis 2013/14 /15/16/17 ==>>bypass

Kaspersky Endpoint Security== pass
Click to expand...

Ask @harlan4096 for assistance in submitting the bug; he is very long-time Kaspersky beta tester\forum member and - I would assume after all these years - has forged contacts with Kaspersky staff.

I have found that a lot of time bugs get reported, but for whatever reason(s) they don't get put onto the "To Do" list because the report is never brought the attention of the person(s) managing the "To Do" list...
 
  • Like
Reactions: aragornnnn, Cats-4_Owners-2, askmark and 7 others
DardiM

DardiM

Level 26
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
May 14, 2016
1,597
uncle bill said:
Am I the only one to think that there's absolutely no problem? The connection are made by psiphon which is trusted... so, is there really a problem?
Click to expand...
It was only on the last update video, the use of psiphon (I just watched it), after @harlan4096 asked for "Monitor all network ports"
 
Last edited:
  • Like
Reactions: aragornnnn, Cats-4_Owners-2, Der.Reisende and 4 others

Similar threads

Andy Ful
    • Like
    • +Reputation
    • Applause
App Review Comodo's killer.
Replies
38
Views
1,592
Video Reviews - Security and Privacy
Andy Ful
Andy Ful
NB InfoTech
    • Like
App Review Kaspersky Standard Antivirus Review | Kaspersky Standard Antivirus vs 100 + 10 Malware Sample | 2023
Replies
0
Views
1,064
Video Reviews - Security and Privacy
NB InfoTech
NB InfoTech
vitao
    • Like
    • Applause
Kaspersky Antivirus Free + Comodo Firewall Test Against 100 New Malwares (10/2024)
Replies
5
Views
521
Comodo
vitao
vitao

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top