ISR-evilgrade v1.0.0 It's is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates.
More info: http://www.infobyte.com.ar/down/ISR-evilgrade-Readme.txt ISR-evilgrade presentation slides Demo feature - (Java plugin + Dan Kaminsky Dns vulnerability) = remote pwned.