Dailydave mailing list archives
Re: 0day, it may not be
From: Rob Fuller <jd.mubix () gmail com>
Date: Thu, 1 Apr 2010 12:56:57 -0400
Linking to a PDF on April Fools Day after just pointing out a PDF binder in the D2 pack... nice Also, Didier isn't pointing out the /launch function as it has been included in Metasploit for quite a while as well. He is (as I understand it) pointing out that his semi-control of the error box lends itself to be much less suspicious than the "C:\WINDOWS\System32\cmd.exe /C @CD..." etc that the current PDF binders display. -- Rob Fuller | Mubix Room362.com | Hak5.org | TheAcademyPro.com Ignore this: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* On Thu, Apr 1, 2010 at 10:52 AM, dave <dave () immunityinc com> wrote:
https://forum.immunityinc.com/board/thread/1199/exploiting-pdf-files-without-vulnerabili/?page=1#post-1199 D2 points out rightfully that everyone with the D2 CANVAS Exploit Pack (email admin () immunityinc com now for pricing! :>) has known about this particular feature of PDF's for over two years. D2 comes with an NDA, so it's not surprising it's not "General Knowledge" but the well-funded among you should at least stop acting so surprised. :> Speaking of funding, Immunity is hiring. https://www.immunityinc.com/downloads/OpeningsApril2010.pdf We should play a game of "functions you can use to bypass DEP" - first person to reach 100 wins? -dave _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- 0day, it may not be dave (Apr 01)
- Re: 0day, it may not be I)ruid (Apr 01)
- Re: 0day, it may not be Thierry Zoller (Apr 02)
- Re: 0day, it may not be Nate Lawson (Apr 01)
- Re: 0day, it may not be Rob Fuller (Apr 01)
- Re: 0day, it may not be cocoruder . (Apr 02)
- Re: 0day, it may not be Nicolas RUFF (Apr 02)
- Re: 0day, it may not be I)ruid (Apr 01)