LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

LUA!

[Posted November 2, 2011 by corbet]

From:  Dave Aitel <dave-AT-immunityinc.com>
To:  dailydave-AT-lists.immunityinc.com
Subject:  LUA!
Date:  Tue, 01 Nov 2011 11:50:27 -0400
Message-ID:  <4EB01543.4090702@immunityinc.com>
Archive-link:  Article, Thread 

Everyone basically ignores LUA <http://www.lua.org/about.html> as much
as possible - not as useful for large projects as Python or Ruby, not as
fast as C. But eventually every big C project wants a scripting
language, and they look around at licensing and features and choose LUA.

Wireshark is the obvious example, but LUA is small enough that it's a
natural fit for trojans as well - especially trojans that are embedded
into the memory space of something else (Outlook or your kernel, for
example).

I notice that as of today D2 includes a LUA trojan, and that
WhitePhosphorus includes an exploit for the Wireshark LUA problem. Both
of which are fun to test!

-- 
INFILTRATE 2012 January 12th-13th in Miami - the world's best offensive information security
conference.
www.infiltratecon.com

_______________________________________________
Dailydave mailing list
Dailydave@lists.immunityinc.com
https://lists.immunityinc.com/mailman/listinfo/dailydave
(Log in to post comments)

Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds