Home
Tools
Malybuzz
peepdf
Pub
Advisories
Exploits
Articles
Presentations
Var
Scripts
About
Home
Workshop
Analysis of a CVE-2013-3346/CVE-2013-5065 exploit with peepdf
Conferences
Exploits
PDF
peepdf
Shellcode
Tools
Vulnerabilities
Workshop
There are already some good blog posts talking about this exploit, but I think this is a really good example to show how
peepdf
works and what you can learn next month if you attend the
1day-workshop
“Squeezing Exploit Kits and PDF Exploits”
at
Troopers14
or the
2h-workshop
"PDF Attack: A Journey from the Exploit Kit to the Shellcode"
at
Black Hat Asia (Singapore)
. The mentioned exploit was using the
Adobe Reader ToolButton Use-After-Free vulnerability
to execute code in the victim's machine and then the
Windows privilege escalation 0day
to bypass the
Adobe sandbox
and execute a new payload without restrictions.
This is what we see when we open the PDF document (
6776bda19a3a8ed4c2870c34279dbaa9
) with
peepdf
:
Submitted by jesparza on Thu, 2014/02/20 - 21:48
Add new comment
Read more
Español
Search this site:
NFC
Analysis
Spam
ZeuS
Scripts
PDF
Malware
Javascript
Conferences
Challenge
Tatanga
Specifications
Citadel
Social Networking
Security
Feodo
Python
Malcode
Shellcode
Fraud
Exploits
Vulnerabilities
Mobile
Botnet
Research
Botnets
peepdf
Black Hat
Exploit kits
Tools
more tags
Latest blog posts
Dridex spam campaign using PDF as infection vector
Adding a scoring system in peepdf
Travelling to the far side of Andromeda at Botconf 2015
Black Hat Arsenal peepdf challenge solution
Black Hat Arsenal peepdf challenge
peepdf news: GitHub, Google Summer of Code and Black Hat
Andromeda/Gamarue bot loves JSON too (new versions details)
Quick analysis of the CVE-2013-2729 obfuscated exploits
Dissecting SmokeLoader (or Yulia's sweet ass proposition)
Released peepdf v0.3
more
Security Posts
Infocon: green
<div class="feedflare">
about
Historical OSINT - A Diversified Portfolio of Fake Security Software
Historical OSINT - A Portfolio of Fake/Rogue Video Codecs
Historical OSINT - A Portfolio of Exploits Serving Domains
New Mobile Malware Spotted in the Wild, Hundreds of Users Affected
Historical OSINT - Inside the 2007-2009 Series of Cyber Attacks Against Multiple International Embassies
Dancho Danchev's Mind Streams of Information Security Knowledge - The World's Most Comprehensive Threats Database
Threat Intelligence - An Adaptive Approach to Information Security - Free Consultation Available
DDanchev is for Hire!
Book Proposal - Seeking Sponsorship - Publisher Contact
Project Proposal - Cybercrime Research - Seeking Investment
Invitation to Join a Security Community
Follow me on Twitter!
Dancho Danchev's 2010 Disappearance - An Elaboration
Cómo usar las novedades en ZAP 2.6.0 para hacer pentesting con FOCA de @elevenpaths
Analysis of Competing Hypotheses (ACH part 1), (Sun, May 28th)
Support my videos on Patreon!
LaCon2k16 Call For Pulpos
more
