[conspire] Write Once, Exploit Everywhere

Rick Moen rick at linuxmafia.com
Tue Aug 28 12:51:15 PDT 2012

Quoting Adrien Lamothe (alamozzz at yahoo.com):

> "FWIW, the current exploit is focussed solely on Win32 boxes
> because its payload is delivered as a Microsoft exe file.
> http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html"
> Perhaps having Wine or DOSbox installed would allow that .exe file to
> run? (I'm not going to test it.)

I was bearing in mind that possibility when I cagily said 'Win32 box'.  ;->

In the past, WINE has proved only very poorly able to be sufficiently
bug-compatible with contemporaneous versions of MS-Windows to enable the
malware du jour to run and propagate.  E.g.:

(No relation, by the way, though I've met Matt Moen.)

I expect the same is true of DOSBox.

More information about the conspire mailing list