Pub
Var
Home
Workshop
Analysis of a CVE-2013-3346/CVE-2013-5065 exploit with peepdf
Conferences
Exploits
PDF
peepdf
Shellcode
Tools
Vulnerabilities
Workshop
There are already some good blog posts talking about this exploit, but I think this is a really good example to show how
peepdf
works and what you can learn next month if you attend the
1day-workshop
“Squeezing Exploit Kits and PDF Exploits”
at
Troopers14
or the
2h-workshop
"PDF Attack: A Journey from the Exploit Kit to the Shellcode"
at
Black Hat Asia (Singapore)
. The mentioned exploit was using the
Adobe Reader ToolButton Use-After-Free vulnerability
to execute code in the victim's machine and then the
Windows privilege escalation 0day
to bypass the
Adobe sandbox
and execute a new payload without restrictions.
This is what we see when we open the PDF document (
6776bda19a3a8ed4c2870c34279dbaa9
) with
peepdf
:
Submitted by jesparza on Thu, 2014/02/20 - 21:48
Read more
Español
Search this site:
Exploit kits
Javascript
Scripts
Fraud
Black Hat
Malcode
Challenge
Conferences
Malware
NFC
Security
Shellcode
peepdf
PDF
Citadel
ZeuS
Feodo
Vulnerabilities
Mobile
Social Networking
Tools
Python
Botnets
Specifications
Research
Exploits
Analysis
Botnet
Spam
Tatanga
more tags
Latest blog posts
Dridex spam campaign using PDF as infection vector
Adding a scoring system in peepdf
Travelling to the far side of Andromeda at Botconf 2015
Black Hat Arsenal peepdf challenge solution
Black Hat Arsenal peepdf challenge
peepdf news: GitHub, Google Summer of Code and Black Hat
Andromeda/Gamarue bot loves JSON too (new versions details)
Quick analysis of the CVE-2013-2729 obfuscated exploits
Dissecting SmokeLoader (or Yulia's sweet ass proposition)
Released peepdf v0.3
more
Security Posts
Infocon: green
Easier path discovery for network troubleshooting
iBypass and Thoughts in a Traffic Jam
Are you Feeling the Need for Speed?
Net Optics, Anue, BreakingPoint and Veriwave - Great Ixia Acquisitions
EVPN over SRv6 – Simplification with Unified Technology
Buddy, Can You Spare a Nano-Second?
Broadcast Industry Revolution - Migration to IP Infrastructure
How to Implement Security Monitoring For Critical Infrastructure
Hybrid IT Monitoring: The ABCs of Network Visibility
Flex Your Time-Sensitive Networking (TSN) Conformance Testing
How Bug Bounty programs work
Beers with Talos Ep. #59: The tardy episode
What you — and your company — should know about cyber insurance
Finally, a Lightning YubiKey to Kill Password Clutter on Your iPhone
Guildma malware is now accessing Facebook and YouTube to keep up-to-date, (Tue, Aug 20th)
Así fue la conferencia que hice con Mi Hacker para presentar AURA a los compañeros de Telefónica
ISC Stormcast For Tuesday, August 20th 2019 https://isc.sans.edu/podcastdetail.html?id=6628, (Tue, Aug 20th)
China Attacks Hong Kong Protesters With Fake Social Posts
You Can Jailbreak Your iPhone Again (But Maybe You Shouldn’t)
more
