{"id":6882,"date":"2019-11-19T01:02:17","date_gmt":"2019-11-19T01:02:17","guid":{"rendered":"http:\/\/www.hexacorn.com\/blog\/?p=6882"},"modified":"2019-11-19T12:14:43","modified_gmt":"2019-11-19T12:14:43","slug":"mindmap-software-as-an-attack-vector","status":"publish","type":"post","link":"https:\/\/www.hexacorn.com\/blog\/2019\/11\/19\/mindmap-software-as-an-attack-vector\/","title":{"rendered":"Mindmap software as an attack vector"},"content":{"rendered":"\n

Looks like mindmap software could be used to deliver bad stuff; interaction is still required, but could be an interesting attack vector especially that it’s a popular type of software in a corp. environment:<\/p>\n\n\n\n

Xmind<\/strong><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

FreeMind<\/strong><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

MindView<\/strong><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

MindManager<\/strong><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

The latter allows attaching actual binary files as well, but an attempt to launch them will end up with the following dialog box shown:<\/p>\n\n\n\n

\"\"<\/figure>\n","protected":false},"excerpt":{"rendered":"

Looks like mindmap software could be used to deliver bad stuff; interaction is still required, but could be an interesting attack vector especially that it’s a popular type of software in a corp. environment: Xmind FreeMind MindView MindManager The latter … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[15,46,9],"tags":[],"_links":{"self":[{"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/posts\/6882"}],"collection":[{"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/comments?post=6882"}],"version-history":[{"count":5,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/posts\/6882\/revisions"}],"predecessor-version":[{"id":6892,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/posts\/6882\/revisions\/6892"}],"wp:attachment":[{"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/media?parent=6882"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/categories?post=6882"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/tags?post=6882"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}