Archive of software and other data involved in the Superfish / Komodia incident
Python
Permalink
Failed to load latest commit information.
certificates
screenshots
scripts
software
README.md

README.md

superfishy

Archive of software, links and other data involved in the Superfish / Komodia incident

warning and password

You don't want to install any of the software here if you are not doing this for security research. All provided downloads contain dangerous software, if you use them you will endanger the security of your system. To make sure nobody accidently installs it they are packed in password-protected zip files. The password for all files is

iknowwhatimdoing

background / links

Test if you are affected:

Some of my blog posts:

My own news coverage in German media:

Some english news articles:

Background / sources:

what?

Lenovo delivered Laptops with a preinstalled Adware called Superfish in 2014. Superfish created a severe security hole in all affected devices. Later it turned out that several other Internet filtering products were affected by the same issue.

The software installs a root certificate into the browser which allows Man-in-the-Middle-attacks.

I am collecting all the software, the extracted certificates and private keys to make sure they stay available.

Please send pull requests, mail me interesting items or upload them here.

Hanno Böck, https://hboeck.de/