I just wrote this article for a website my friend and I post on and I wanted to share it here, but I am too lazy to rewrite it so here is the link.
Using an Adobe Exploit in a Email Attack
Pretty cool write up. Funny you posted that right now, as I was checking the Offsec blog and watching the "hollywood version" on that exploit a few moments ago.
Yeah, Logan did it first but I wanted to write something for my friend's site that wasn't too technical so normal people could understand.
"Adobe has been informed of this vulnerability for well over a month now and has issued a statement that it will release a fix on January 14th"
There are some great articles on this site. Thanks for sharing. Will make for good reading tonight.
Awesome article. I have a feeling that we're going to see this a lot more where I work.
This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.
Good Reading! Thanks for sharing. It's scary indeed that Adobe will just fix it in January. In the meantime I'll never open another pdf...
For those of you running in a Windows environment, this will do the trick for you in defending against the recent Acrobat JS Exploits:
Adobe Updater, JavaScript and Open in Browser settings controlled by Group Policy. | My Outer Monologue
edit: You need to right click Administrative Template > View > Filtering and uncheck "Only show policy settings that can be fully managed" in order to see any of the settings other than "Enable Auto Updater in Reader x.x"
edit2: If you ever need to remove the policy for any reason, you need to make sure you switch the JS settings to "Not Configured" before deleting the GPO.
This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.
I am not suggesting anything illegal or immoral whatsoever, I am just pointing out that this thread and the one here are the latest ones that I have read, and well LOL!!
Speaking of this thread, Pureh@te I noticed you got a few nice articles written there. This one is a good one indeed.
MailScan for mail Daemon seems to detect the backdoor.
EDIT: Sorry, wrong info... Actually it's some anti-virus with Daemon in its name. Can't know for sure since my colleague's connection went down and I can't talk with him.