Page 1 of 3 123 LastLast
Results 1 to 10 of 30

Thread: Using-an-adobe-exploit-in-a-email-attack

  1. #1
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default Using-an-adobe-exploit-in-a-email-attack

    I just wrote this article for a website my friend and I post on and I wanted to share it here, but I am to lazy to rewrite it so here is the link.

    Using an Adobe Exploit in a Email Attack

  2. #2
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default

    Pretty cool write up . Funny you posted that right now, as I was checking the Offsec blog and watching the "hollywood version" on that exploit a few moments ago.

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Yeah Logan did it first but I wanted to write something for my friends site that wasn't to technical so normal people could understand.

  4. #4
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default

    "Adobe has been informed of this vulnerability for well over a month now and has issued a statement that it will release a fix on January 14th"

    There's some great articles on this site. Thanks for sharing. Will make for good reading tonight .

  5. #5
    Junior Member g3ksan's Avatar
    Join Date
    Jan 2010
    Location
    Florida
    Posts
    93

    Default

    Awesome article. I have a feeling that we're going to see this a lot more where I work.
    This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.

  6. #6
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Default

    Good Reading! Thanks for sharing. It's scary indeed that adobe will just fix it on January. In the mean time i'll never open another pdf...

  7. #7
    Junior Member g3ksan's Avatar
    Join Date
    Jan 2010
    Location
    Florida
    Posts
    93

    Default

    For those of you running in a Windows environment, this will do the trick for you in defending against the recent Acrobat JS Exploits:

    Adobe Updater, JavaScript and Open in Browser settings controlled by Group Policy. | My Outer Monologue

    edit: You need to right click Administrative Template > View > Filtering and uncheck "Only show policy settings that can be fully managed" in order to see any of the settings other than "Enable Auto Updater in Reader x.x"

    edit2: If you ever need to remove the policy for any reason, you need to make sure you switch the JS settings to "Not Configured" before deleting the GPO.
    This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.

  8. #8
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    I am not suggesting anything illegal or immoral what-so-ever, I am just pointing out that this thread and the one here are the latest ones that I have read, and well LOL!


    Speaking of this thread, Pureh@te I noticed you got a few nice articles written there. This one is a good one indeed.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  9. #9
    prowl3r
    Guest

  10. #10
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Default

    MailScan for mail Daemon seems to detect the backdoor.

    EDIT: Sorry, wrong info... Actually it's some anti-virus with Daemon on its name. Can't know for sure since my colleague's connection went down and I can't talk with him.

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •