According to McAfee, “Aurora” Exploit In Google Attack Now Public, and the exploit code referred to should be here; can anyone give a more detailed explanation of how it works?

A: 

There is a sharp answer on the page you linked to:
"An attacker could gain complete control over a vulnerable system by tricking a user to visit a rigged Web page."
That's it... it just makes a redirection.
The main trouble with it is... that the code is encrypted/obfuscated, and that's why security software cannot run on it.

It's... now we come to the same stage of concurrency between malware and security software
as it was with late .EXE viruses, which became polymorphic to hide from ordinary signature-based antiviruses.

Surely, the redirection is NOT the attack. The attack happens when you visit the rigged page ...
Stephen C
Of course. I mean the same,
but if it can trick a user into visiting the page with that exploit, why redirect?
Dyno Fu
"Why redirect?" Because by itself it is too small to run some malicious actions.
+1  A: 

I guess the full answer is being kept back, to prevent more people from performing the attack. The script that is related to this must be a way of creating the invalid pointer that is then exploited to gain access to the user's system. The script is only a part of the whole process - but the vulnerability is related to accessing a "freed object". This possibly means that the error supplied when you attempt to access the freed object contains too much information - which can then be used to attack your system.

Sohnee
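The answer above mentions that the vulnerability is about accessing a "freed object". As an added example that is not part of the original thread, and that says nothing about the actual Aurora code, the C block below shows the general shape of a use-after-free defect (a pointer kept after its object is released, then dereferenced) next to the defensive discipline that prevents it: release through a helper that scrubs and clears the caller's pointer, and check for NULL on every use. The `Object` type, the handler and the sample name are constructed for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample object. The function pointer is what makes a dangling
 * reference dangerous: a stale dereference can call through freed memory. */
typedef struct {
    char name[32];
    int (*on_event)(void);
} Object;

static int ok_handler(void) { return 1; }

/* Vulnerable shape: the caller keeps a raw pointer after free() and uses it.
 * Kept only to show the pattern; it is never called here, because
 * dereferencing freed memory is undefined behaviour. */
int vulnerable_pattern(void) {
    Object *obj = malloc(sizeof *obj);
    if (!obj) return -1;
    obj->on_event = ok_handler;
    free(obj);                /* object released ...                          */
    return obj->on_event();   /* ... but still dereferenced: use-after-free   */
}

/* Hardened shape, part 1: release through a helper that takes the address of
 * the caller's pointer, scrubs the object, frees it, and clears the pointer. */
static void object_release(Object **slot) {
    if (slot && *slot) {
        memset(*slot, 0, sizeof **slot);   /* no live function pointer left behind */
        free(*slot);
        *slot = NULL;                      /* caller can no longer dangle */
    }
}

/* Hardened shape, part 2: every use checks the handle before touching it. */
static int object_fire(const Object *obj) {
    if (!obj) return -1;                   /* stale handle detected, nothing dereferenced */
    return obj->on_event ? obj->on_event() : -1;
}

/* Returns 0 when the live object fires (1) and the released one is refused (-1). */
int hardened_pattern(void) {
    Object *obj = malloc(sizeof *obj);
    if (!obj) return -1;
    snprintf(obj->name, sizeof obj->name, "%s", "constructed sample");
    obj->on_event = ok_handler;

    int before = object_fire(obj);    /* 1: object is live               */
    object_release(&obj);             /* obj is now NULL, memory freed   */
    int after = object_fire(obj);     /* -1: refused instead of a UAF    */

    return (before == 1 && after == -1) ? 0 : 1;
}

int main(void) {
    printf("hardened_pattern() -> %d\n", hardened_pattern());
    return 0;
}
```

Clearing the pointer at the release site only protects the one variable passed in; real code also has to track every other copy of the reference (reference counting, ownership rules, or sanitizer builds during testing), which is why this class of bug survives obfuscation-based scanning that only looks at the script that triggers it.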
+1  A: 

From reading that and following a link in the comments, it seems that when the user visits the rigged page the exploit opens a connection to the attacker's computer, giving the attacker the ability to issue commands as the user. They can list/kill processes, basically do whatever a user can do.

Sam Holder