Page 1 of 2 12 LastLast
Results 1 to 10 of 30

Thread: Using-an-adobe-exploit-in-a-email-attack

Hybrid View

  1. #1
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default Using-an-adobe-exploit-in-a-email-attack

    I just wrote this article for a website my friend and I post on and I wanted to share it here, but I am to lazy to rewrite it so here is the link.

    Using an Adobe Exploit in a Email Attack

  2. #2
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default

    Pretty cool write up . Funny you posted that right now, as I was checking the Offsec blog and watching the "hollywood version" on that exploit a few moments ago.

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Yeah Logan did it first but I wanted to write something for my friends site that wasn't to technical so normal people could understand.

  4. #4
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default

    "Adobe has been informed of this vulnerability for well over a month now and has issued a statement that it will release a fix on January 14th"

    There's some great articles on this site. Thanks for sharing. Will make for good reading tonight .

  5. #5
    Junior Member g3ksan's Avatar
    Join Date
    Jan 2010
    Location
    Florida
    Posts
    93

    Default

    Awesome article. I have a feeling that we're going to see this a lot more where I work.
    This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.

  6. #6
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Default

    Good Reading! Thanks for sharing. It's scary indeed that adobe will just fix it on January. In the mean time i'll never open another pdf...

  7. #7
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    21

    Default avi

    i was playing with this little christmas gift (thank you) and noticed that yahoo mail avi and a few others are all picking it up as a backdoor.... would it be possible to Hex edit the .exe or something of this nature? if so does anyone know what bits must be changed? thank you for your time. and another great post. a real no sleeper for me lol. thank you agian purehate

  8. #8
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Sure you can use msfencode and create the .pdf via the msfcli command line however those are the kinds of things I generally do not feel comfortable making tutorials on. There is lots of info on msfencode around.

  9. #9
    Senior Member
    Join Date
    Jun 2007
    Location
    UK
    Posts
    175

    Default

    I have sent email from BT4 gmail to hotmail account on XP sp2 with pdf attached ok. When I click on the attached pdf I get the following
    " The file security_update.pdf is infected with an unknown virus, so it isn't safe to download "
    any ideas as what next ?
    thanks

  10. #10
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default

    The post above yours tells you what to look for.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •