Home
Tools
Malybuzz
peepdf
Pub
Advisories
Exploits
Articles
Presentations
Var
Scripts
About
Home
Workshop
Analysis of a CVE-2013-3346/CVE-2013-5065 exploit with peepdf
Conferences
Exploits
PDF
peepdf
Shellcode
Tools
Vulnerabilities
Workshop
There are already some good blog posts talking about this exploit, but I think this is a really good example to show how
peepdf
works and what you can learn next month if you attend the
1day-workshop
“Squeezing Exploit Kits and PDF Exploits”
at
Troopers14
or the
2h-workshop
"PDF Attack: A Journey from the Exploit Kit to the Shellcode"
at
Black Hat Asia (Singapore)
. The mentioned exploit was using the
Adobe Reader ToolButton Use-After-Free vulnerability
to execute code in the victim's machine and then the
Windows privilege escalation 0day
to bypass the
Adobe sandbox
and execute a new payload without restrictions.
This is what we see when we open the PDF document (
6776bda19a3a8ed4c2870c34279dbaa9
) with
peepdf
:
Submitted by jesparza on Thu, 2014/02/20 - 21:48
Read more
Español
Search this site:
Botnet
Shellcode
PDF
Javascript
Exploit kits
Feodo
NFC
Vulnerabilities
Python
Black Hat
Conferences
Security
Exploits
Malware
Specifications
ZeuS
Scripts
Botnets
Research
Citadel
peepdf
Analysis
Fraud
Reversing
Challenge
Mobile
Social Networking
Spam
Tools
Tatanga
more tags
Latest blog posts
Dridex spam campaign using PDF as infection vector
Adding a scoring system in peepdf
Travelling to the far side of Andromeda at Botconf 2015
Black Hat Arsenal peepdf challenge solution
Black Hat Arsenal peepdf challenge
peepdf news: GitHub, Google Summer of Code and Black Hat
Andromeda/Gamarue bot loves JSON too (new versions details)
Quick analysis of the CVE-2013-2729 obfuscated exploits
Dissecting SmokeLoader (or Yulia's sweet ass proposition)
Released peepdf v0.3
more
Security Posts
Infocon: green
Fronton IOT Botnet Packs Disinformation Punch
These are the flaws that let hackers attack blockchain and DeFi projects
“Tough to forge” digital driver’s license is… easy to forge
Open Source Intelligence May Be Changing Old-School War
ctx Python Library Updated with "Extra" Features, (Tue, May 24th)
IBM is helping these schools build up their ransomware defenses
How DNS filtering can help protect your business from Cybersecurity threats
The Surveillance State Is Primed for Criminalized Abortion
Telefónica Kernel: El compromiso con una visión y la patente internacional WO 2018/024933 A1
ISC Stormcast For Tuesday, May 24th, 2022 https://isc.sans.edu/podcastdetail.html?id=8020, (Tue, May 24th)
New Nokoyawa Variant Catching Up to Peers with Blatant Code Reuse
Spoofed Saudi Purchase Order Drops GuLoader: Part 1
Clearview AI face-matching service fined a lot less than expected
Why it’s hard to sanction ransomware groups
Interactive decompilation with rellic-xref
Adventures in the land of BumbleBee
Electronic Music Production: Arise Above - Trip Hop
more