Q&A How to defend against Stegosploit?

Nightwalker

Level 22
Verified
Trusted
Content Creator
May 26, 2014
1,139
Phones aren't vulnerable to this kind of "attack" and neither is your Windows; this is just fearmongering crap at its finest.

Don't worry, you have Cruel Comodo anyway, right?


Reference:


Don't believe the hype about exploits, fileless malware and all the stupid doom made about it.
 

camo7782

Level 4
Apr 29, 2019
166
Phones aren't vulnerable to this kind of "attack" and neither is your Windows; this is just fearmongering crap at its finest.
Well, it is what investigation agencies use; as far as I know, only Apple phones are safe. But perhaps there is something we can do on Windows machines, since Android is 100% vulnerable to this. You can download a sample and test it if you think you are safe.
 

Nightwalker

Well, it is what investigation agencies use; as far as I know, only Apple phones are safe. But perhaps there is something we can do on Windows machines, since Android is 100% vulnerable to this. You can download a sample and test it if you think you are safe.

I don't think I am safe; I am actually safe.

I am not a target for state actors and neither are you. I doubt that the NSA and similar sponsored organizations would waste a zero-day exploit on us.

About Android, where did you read about Stegosploit and 100% vulnerability? This doesn't make any sense. Android Pie (with security patches) is a bit less secure than iOS 12, but it isn't Swiss cheese, especially if Google Play Store/Protect are used combined with user awareness (app permissions/sandbox).
 

AriDfoix

Level 3
Sep 2, 2018
128
It seems that at 0:44 it is using PowerShell, so I think NoVirusThanks SysHardener may be one solution; another solution may be a default-deny policy. I think those payloads on Windows work more or less using some common points. Not sure about this anyway.

Those payloads usually use common entry points; sometimes a good malware author pushes a new one using a 0-day, but I think that is hard.
 

Nightwalker

It seems that at 0:44 it is using PowerShell, so I think NoVirusThanks SysHardener may be one solution; another solution may be a default-deny policy. I think those payloads on Windows work more or less using some common points. Not sure about this anyway.

No, Stegosploit (not an exploit anyway) doesn't have anything to do with PowerShell per se; it is just a technique to hide code inside images, but you still need the exploit (browser-oriented specifically) to make everything work.
 