Pub
Var
Home
Workshop
Analysis of a CVE-2013-3346/CVE-2013-5065 exploit with peepdf
Conferences
Exploits
PDF
peepdf
Shellcode
Tools
Vulnerabilities
Workshop
There are already some good blog posts talking about this exploit, but I think this is a really good example to show how
peepdf
works and what you can learn next month if you attend the
1day-workshop
“Squeezing Exploit Kits and PDF Exploits”
at
Troopers14
or the
2h-workshop
"PDF Attack: A Journey from the Exploit Kit to the Shellcode"
at
Black Hat Asia (Singapore)
. The mentioned exploit was using the
Adobe Reader ToolButton Use-After-Free vulnerability
to execute code in the victim's machine and then the
Windows privilege escalation 0day
to bypass the
Adobe sandbox
and execute a new payload without restrictions.
This is what we see when we open the PDF document (
6776bda19a3a8ed4c2870c34279dbaa9
) with
peepdf
:
Submitted by jesparza on Thu, 2014/02/20 - 21:48
Read more
Español
Search this site:
PDF
peepdf
Tatanga
Citadel
Feodo
Fraud
Black Hat
Security
Shellcode
Challenge
Analysis
Conferences
ZeuS
Malcode
Malware
Botnet
Spam
Scripts
NFC
Botnets
Mobile
Python
Social Networking
Research
Vulnerabilities
Exploits
Exploit kits
Specifications
Javascript
Tools
more tags
Latest blog posts
Dridex spam campaign using PDF as infection vector
Adding a scoring system in peepdf
Travelling to the far side of Andromeda at Botconf 2015
Black Hat Arsenal peepdf challenge solution
Black Hat Arsenal peepdf challenge
peepdf news: GitHub, Google Summer of Code and Black Hat
Andromeda/Gamarue bot loves JSON too (new versions details)
Quick analysis of the CVE-2013-2729 obfuscated exploits
Dissecting SmokeLoader (or Yulia's sweet ass proposition)
Released peepdf v0.3
more
Security Posts
Infocon: green
Resilient architectures part 2: Benchmarking performance of webserver-based applications
Best Practices for Network Security Threat Hunting
The Network Makeover Overview
Hardware reverse engineering: Hack TP-Link AC1750 router root password using JTAG
Insider Threats - What Do You Need To Know?
Fighting malware. What’s in your arsenal?
How network security is evolving—Behavior is the new signature
Four tips to ensure optimal SD-WAN performance
Own IT. Secure IT. Protect IT. Ixia and NCASM 2019
Ransomware and Getting Out of Difficult Decisions
Announcing the 10th Volume of our State of Software Security Report
It's Time to Outsource Your Passwords to an App
In Hong Kong, Which Side Is Technology On?
ISC Stormcast For Tuesday, October 22nd 2019 https://isc.sans.edu/podcastdetail.html?id=6718, (Tue, Oct 22nd)
Faast: El servicio de Pentesting Persistente y el Reporte Responsable a Apple
A Brief History of Russian Hackers' Evolving False Flags
Reviewing best practices for IT asset management in the cloud
Quickpost: ExifTool, OLE Files and FlashPix Files
New Tool: simple_tcp_stats.py
more
