
Great point... are those uniquely named based on the application installed? That might be a nice, oblique way of checking if a particular program is installed.


Yes, these are GUIDs in the following format:

{931373E2-3DA4-4631-930C-F59510630DA3}

It seems to me that's a good theory of what it might be looking for, as GUIDs should make good triggers. I wonder if this reduces the search space enough to make brute force feasible now.


128 bit GUIDs give pairs of 256 bits -- too large to mount an efficient brute force.


But checking all known GUIDs might be more feasible.


Well, yeah, but where do you get a list of known GUIDs for InstallShield? Might as well just gather a list of all known Program Files directories.


To bruteforce like this, wouldn't you need every possible application installed on the computer?

If the payload is a zero day for an obscure Iranian-made piece of software, no one will ever get that.



