Home
Tools
Malybuzz
peepdf
Pub
Advisories
Exploits
Articles
Presentations
Var
Scripts
About
Home
Workshop
Analysis of a CVE-2013-3346/CVE-2013-5065 exploit with peepdf
Conferences
Exploits
PDF
peepdf
Shellcode
Tools
Vulnerabilities
Workshop
There are already some good blog posts talking about this exploit, but I think this is a really good example to show how
peepdf
works and what you can learn next month if you attend the
1day-workshop
“Squeezing Exploit Kits and PDF Exploits”
at
Troopers14
or the
2h-workshop
"PDF Attack: A Journey from the Exploit Kit to the Shellcode"
at
Black Hat Asia (Singapore)
. The mentioned exploit was using the
Adobe Reader ToolButton Use-After-Free vulnerability
to execute code in the victim's machine and then the
Windows privilege escalation 0day
to bypass the
Adobe sandbox
and execute a new payload without restrictions.
This is what we see when we open the PDF document (
6776bda19a3a8ed4c2870c34279dbaa9
) with
peepdf
:
Submitted by jesparza on Thu, 2014/02/20 - 21:48
Read more
Español
Search this site:
Research
Shellcode
Conferences
Exploits
Python
Scripts
Citadel
Specifications
Malware
Analysis
Javascript
Exploit kits
Botnets
ZeuS
Spam
Feodo
Black Hat
Challenge
Botnet
Vulnerabilities
Security
NFC
Social Networking
Reversing
Tools
Mobile
peepdf
PDF
Fraud
Tatanga
more tags
Latest blog posts
Dridex spam campaign using PDF as infection vector
Adding a scoring system in peepdf
Travelling to the far side of Andromeda at Botconf 2015
Black Hat Arsenal peepdf challenge solution
Black Hat Arsenal peepdf challenge
peepdf news: GitHub, Google Summer of Code and Black Hat
Andromeda/Gamarue bot loves JSON too (new versions details)
Quick analysis of the CVE-2013-2729 obfuscated exploits
Dissecting SmokeLoader (or Yulia's sweet ass proposition)
Released peepdf v0.3
more
Security Posts
Infocon: green
The Challenge of Cracking Iran’s Internet Blockade
Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server
Threat Roundup for September 23 to September 30
High-severity Microsoft Exchange 0-day under attack threatens 220,000 servers
Microsoft: Two New 0-Day Flaws in Exchange Server
Deepfake Bruce Willis may be the next Hollywood star, and he’s OK with that
Mystery hackers are “hyperjacking” targets for insidious spying
Why Do So Many Data Protection Programs Fail
Exchange Server 0-Day Actively Exploited, (Fri, Sep 30th)
URGENT! Microsoft Exchange double zero-day – “like ProxyShell, only different”
Go Update iOS, Chrome, and HP Computers to Fix Serious Flaws
Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium
How analyzing employee behavior can improve your cybersecurity posture
Dispositivos que compensan huella de carbono y se pagan en Criptomonedas en Tu.com con @Bit2Me
ISC Stormcast For Friday, September 30th, 2022 https://isc.sans.edu/podcastdetail.html?id=8196, (Fri, Sep 30th)
S3 Ep102: How to avoid a data breach [Audio + Transcript]
Update: rtfdump.py Version 0.0.11
Healthcare Industry Leads the Way in Fixing Software Flaws
It pays to be Circomspect
more
