Home
Tools
Malybuzz
peepdf
Pub
Advisories
Exploits
Articles
Presentations
Var
Scripts
About
Home
Workshop
Analysis of a CVE-2013-3346/CVE-2013-5065 exploit with peepdf
Conferences
Exploits
PDF
peepdf
Shellcode
Tools
Vulnerabilities
Workshop
There are already some good blog posts talking about this exploit, but I think this is a really good example to show how
peepdf
works and what you can learn next month if you attend the
1day-workshop
“Squeezing Exploit Kits and PDF Exploits”
at
Troopers14
or the
2h-workshop
"PDF Attack: A Journey from the Exploit Kit to the Shellcode"
at
Black Hat Asia (Singapore)
. The mentioned exploit was using the
Adobe Reader ToolButton Use-After-Free vulnerability
to execute code in the victim's machine and then the
Windows privilege escalation 0day
to bypass the
Adobe sandbox
and execute a new payload without restrictions.
This is what we see when we open the PDF document (
6776bda19a3a8ed4c2870c34279dbaa9
) with
peepdf
:
Submitted by jesparza on Thu, 2014/02/20 - 21:48
Read more
Español
Search this site:
Black Hat
Conferences
Challenge
PDF
Malware
Botnets
Javascript
Analysis
Specifications
Spam
Exploits
ZeuS
Malcode
peepdf
Feodo
Botnet
NFC
Exploit kits
Vulnerabilities
Mobile
Tatanga
Python
Scripts
Fraud
Research
Security
Shellcode
Citadel
Tools
Social Networking
more tags
Latest blog posts
Dridex spam campaign using PDF as infection vector
Adding a scoring system in peepdf
Travelling to the far side of Andromeda at Botconf 2015
Black Hat Arsenal peepdf challenge solution
Black Hat Arsenal peepdf challenge
peepdf news: GitHub, Google Summer of Code and Black Hat
Andromeda/Gamarue bot loves JSON too (new versions details)
Quick analysis of the CVE-2013-2729 obfuscated exploits
Dissecting SmokeLoader (or Yulia's sweet ass proposition)
Released peepdf v0.3
more
Security Posts
testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
Dancho Danchev's 2010 Disappearance - An Elaboration - Part Two
Citas para la semana que viene: Eventos, Cursos, Charlas y Conferencias
Historical OSINT - Gumblar Botnet Infects Thousands of Sites Serves Adobe Flash Exploits
Threat Roundup for October 12 to October 19
Beers with Talos EP 39: VB 2018 Rundown and Prevalent Problems with PDF
Historical OSINT - iPowerWeb Hacked Hundreds of Web Sites Affected
Things I Hearted this Week, 19th October 2018
Slither – a Solidity static analysis framework
Detecting Empire with USM Anywhere
Pattern Welding Explained as Wearable Art
An Elaborate Hack Shows How Much Damage IoT Bugs Can Do
How Russian Facebook Ads Divided and Targeted US Voters Before the 2016 Election
Infocon: green
ISC Stormcast For Friday, April 6th 2018 https://isc.sans.edu/podcastdetail.html?id=5943, (Fri, Apr 6th)

Threat Hunting & Adversary Emulation: The HELK vs APTSimulator - Part 1, (Thu, Apr 5th)
more
