

.NET Framework rootkits - backdoors inside your framework  - webappsec
http://www.cgisecurity.net/2008/11/net-framework-r.html

======
tptacek
All this paper says is that if your framework includes unsigned MSIL binaries,
you can (given an exploit that allows you to overwrite arbitrary files)
backdoor the binaries. Amazing! Did you know that if you can write access to
Python scripts, you can backdoor Django apps too?

~~~
wayne
Yeah, it's stupid. From their presentation: "This is a post exploitation type
attack, that requires administrator level privileges." By then you're owned so
who cares?

~~~
shimi
I totally agree, this is far from being a major security hall.

