|From:||Dave Aitel <dave-AT-immunityinc.com>|
|Date:||Tue, 01 Nov 2011 11:50:27 -0400|
Everyone basically ignores LUA <http://www.lua.org/about.html> as much as possible - not as useful for large projects as Python or Ruby, not as fast as C. But eventually every big C project wants a scripting language, and they look around at licensing and features and choose LUA. Wireshark is the obvious example, but LUA is small enough that it's a natural fit for trojans as well - especially trojans that are embedded into the memory space of something else (Outlook or your kernel, for example). I notice that as of today D2 includes a LUA trojan, and that WhitePhosphorus includes an exploit for the Wireshark LUA problem. Both of which are fun to test! -- INFILTRATE 2012 January 12th-13th in Miami - the world's best offensive information security conference. www.infiltratecon.com _______________________________________________ Dailydave mailing list Dailydave@lists.immunityinc.com https://lists.immunityinc.com/mailman/listinfo/dailydave
Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds