Howto: Install evilgrade on Backtrack5

Howto: Install evilgrade on Backtrack5

EvilGrade exploits weaknesses in the auto-update services of multiple common software packages. It is able to trick the service into believing there is a signed update available for the product, thus prompting the user to install the upgrade. Unfortunately the upgrade is in actuality an attacker’s payload. The nefarious part about this product is that it is very difficult for the average user to detect! Since it utilizes the software’s own update process, there is no suspicious looking box or popup that would seem out of the ordinary; it would look just like any other legitimate upgrade

How to install(1):
1. Download it from http://www.infobytesec.com/down/isr-evilgrade-2.0.0.tar.gz
   $ wget http://www.infobytesec.com/down/isr-evilgrade-2.0.0.tar.gz

2. Extract it.
   $ tar xzvf isr-evilgrade-2.0.0.tar.gz

3. Install required perl module
   $ cpan Data::Dump

4. Run it.
   $ ./evilgrade


How to install(2):

1. Install via aptitude
   $ apt-get install isr-evilgrade -y



2. Install required perl module
   $ cpan Data::Dump

3. Run it
   $ cd /pentest/exploits/isr-evilgrade
   $ ./evilgrade

By Kaila Piyush HackingArticles4all.blogspot.com