On Sat, May 14, 2011 at 10:55:30PM +0100, Chris M wrote: > Not convinced. > > Tried to upload a few samples, "only support EXE files" ---- no DLLs? yet > you take URLs? only to exes? > > The file I upped was a PE file. Just with a renamed extension. > > Also submitted a couple of "known bad" files and got a list of tcp ports > back.... how is this operating? _SHARED_ sandbox? > > Whats it based on? > > More information would be appreciated :) > > -C
I can still get HTTP 500 errors easily. That service is running vulnerable version of Tomcat and still saying wrong TCP-connections with any scan url/exe-sample. JS checks aren't done in backend. Best regards, Henri Salo _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
