CPF PASSED Zapass Trojan Test

Learn about Computer Security Leak Testing/Attacks/Vulnerability Research
#1

Greetings,

Source 1
Source 2

From Ian “Gizmo” Richards
Editor
Support Alert Newsletter

""Can the Security Product Detect Process Injection?""

I used the ZapAss test program that injects an implant into a running process and then downloads a file using that process.

None of the security products tested warned of the process injection. Simple as that. Better get out your IDS program ;>)

rki: I’d reply by saying…You should have included COMODO Personal Firewall onto your test and see what happens!

–Furthermore…
And another quote from The Whirly Wiry Web team(Source 2)

Masquerades vs Implants ZoneAlarm is rightfully considered the best software firewall available, using advanced techniques to identify applications that request access to the Internet. ZoneAlarm was initially the [s]only[/s] firewall that successfully withstood Steve Gibson's LeakTest 1, a test trojan that masquerades as a trusted application.

rki: No, ofcourse, CPF also Passed with flying colours!

Now, you may all be wondering what I’m I talking about?

-“It’s all about the zapass trojan test” - Zapass is a harmless test trojan that can inject an implant in whatever process running, including Internet Explorer, Netscape Navigator, Opera, Outlook or even Notepad! .
Yes it is HARMLESS because I’ve tested it SEVERAL TIMES

My Results with CPF+zapass!!!

  • I tried injecting CTF Loader with the zapass trojan and CPF pops out with a message “zapass.exe has modified ctfmon.exe in memory. This is a typical of virus.Trojan and spyware behaviour” Injection Failed.

  • Tried Injecting mIRC & MSN messenger

  • Issue download - Failed

  • Issue Lifecheck - Failed

  • Screen shot attached below

  • Description: application Access Denied (ctfmon.exe: 127.0.0.1:8080)
    Application: C:\WINDOWS\system32\ctfmon.exe
    Parent: C:\WINDOWS\explorer.exe
    Protocol: TCP Out
    Destination: 127.0.0.1:8080

Now, has you’ve seen CPF has an advanced techniques in identifing and noticing applications that request any Outgoing access to the Internet. CPF has no compitetors when it comes to the question of “what’s the Best Firewall today”, there’s just no firewall that comes 2nd to CPF and I hereby request for all we the users to give a special thanks to the COMODO TEAM starting from the CEO(Melih) down to its Developers and Admins/Mods for putting down such a GREAT/FREE Products OUT.

NB: The mods are allowed to edit my post to suite their needs in any form they may want to change/add to it !

Thanks,
rki.

[attachment deleted by admin]

#2

Greetings,

Here’s mine: Thanks to the COMODO’s TEAM

Thanks,
rki.

#3

can you pls email Ian the Gizmo!

Obviously he does not know about CPF and is a guy who should be aware of CPF so that he can inform his users.

Lets all get in touch with him.
thanks
Melih

#4

Thanks to the COMODO’s TEAM for such Great Products and thorough Help Support!
Keep upthe Good work!