Analysis of a CVE-2013-3346/CVE-2013-5065 exploit with peepdf
Tags: Conferences, Exploits, PDF, peepdf, Shellcode, Tools, Vulnerabilities, Workshop
There are already some good blog posts talking about this exploit, but I think this is a really good example to show how peepdf works and what you can learn next month if you attend the 1-day workshop "Squeezing Exploit Kits and PDF Exploits" at Troopers14 or the 2-hour workshop "PDF Attack: A Journey from the Exploit Kit to the Shellcode" at Black Hat Asia (Singapore). The mentioned exploit was using the Adobe Reader ToolButton Use-After-Free vulnerability to execute code on the victim's machine and then the Windows privilege escalation 0day to bypass the Adobe sandbox and execute a new payload without restrictions.

This is what we see when we open the PDF document (6776bda19a3a8ed4c2870c34279dbaa9) with peepdf:
Submitted by jesparza on Thu, 2014/02/20 - 21:48