Home
Tools
Malybuzz
peepdf
Pub
Advisories
Exploits
Articles
Presentations
Var
Scripts
About
Home
Workshop
Analysis of a CVE-2013-3346/CVE-2013-5065 exploit with peepdf
Conferences
Exploits
PDF
peepdf
Shellcode
Tools
Vulnerabilities
Workshop
There are already some good blog posts talking about this exploit, but I think this is a really good example to show how
peepdf
works and what you can learn next month if you attend the
1day-workshop
“Squeezing Exploit Kits and PDF Exploits”
at
Troopers14
or the
2h-workshop
"PDF Attack: A Journey from the Exploit Kit to the Shellcode"
at
Black Hat Asia (Singapore)
. The mentioned exploit was using the
Adobe Reader ToolButton Use-After-Free vulnerability
to execute code in the victim's machine and then the
Windows privilege escalation 0day
to bypass the
Adobe sandbox
and execute a new payload without restrictions.
This is what we see when we open the PDF document (
6776bda19a3a8ed4c2870c34279dbaa9
) with
peepdf
:
Submitted by jesparza on Thu, 2014/02/20 - 21:48
Read more
Español
Search this site:
Security
peepdf
Black Hat
Python
Citadel
Spam
Exploit kits
NFC
Feodo
Javascript
Malcode
Fraud
Tools
Analysis
Exploits
Scripts
Research
Botnets
Mobile
Malware
PDF
Botnet
Shellcode
Conferences
Social Networking
Specifications
ZeuS
Challenge
Vulnerabilities
Tatanga
more tags
Latest blog posts
Dridex spam campaign using PDF as infection vector
Adding a scoring system in peepdf
Travelling to the far side of Andromeda at Botconf 2015
Black Hat Arsenal peepdf challenge solution
Black Hat Arsenal peepdf challenge
peepdf news: GitHub, Google Summer of Code and Black Hat
Andromeda/Gamarue bot loves JSON too (new versions details)
Quick analysis of the CVE-2013-2729 obfuscated exploits
Dissecting SmokeLoader (or Yulia's sweet ass proposition)
Released peepdf v0.3
more
Security Posts
Infocon: green
M0d2377ba4f5077062407de4a743baf673
Algoritmos de Texto Predictivo para que crees tus novelas de Harry Potter, Drácula o Don Quijote de la Mancha
ISC Stormcast For Friday, May 24th 2019 https://isc.sans.edu/podcastdetail.html?id=6512, (Fri, May 24th)
The Danger in Assange’s Charges, a Memory Experiment, and More News
The Latest Julian Assange Indictment Is an Assault on Press Freedom
One year later: The VPNFilter catastrophe that wasn't
Threat Source newsletter (May 23)
Investigating an Odd DNS Query, (Thu, May 23rd)
Sorpresa! JasperLoader targets Italy with a new bag of tricks
How To Optimize Your Security Defenses
Automotive Ethernet—Full-Stack Conformance Testing
Exploiting PHP Phar Deserialization Vulnerabilities - Part 1
What is ‘Metadata’ and why does it matter?
Subscriber-Aware Session Monitoring: The ABCs of Network Visibility
Technology Changes Are Creating Significant Challenges for Higher Education
What to do when traffic overwhelms your monitoring tools
The Best Way To Optimize Load Balancing for Inline Security Appliances
What is Port Scanning?
Mirai is still alive and using multiple old exploits on home routers
more
