User: Password:
Subscribe / Log in / New account


From:  Dave Aitel <>
Subject:  LUA!
Date:  Tue, 01 Nov 2011 11:50:27 -0400
Message-ID:  <>
Archive-link:  Article

Everyone basically ignores LUA <> as much
as possible - not as useful for large projects as Python or Ruby, not as
fast as C. But eventually every big C project wants a scripting
language, and they look around at licensing and features and choose LUA.

Wireshark is the obvious example, but LUA is small enough that it's a
natural fit for trojans as well - especially trojans that are embedded
into the memory space of something else (Outlook or your kernel, for

I notice that as of today D2 includes a LUA trojan, and that
WhitePhosphorus includes an exploit for the Wireshark LUA problem. Both
of which are fun to test!

INFILTRATE 2012 January 12th-13th in Miami - the world's best offensive information security

Dailydave mailing list

(Log in to post comments)

Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds