Metasploit mailing list archives
Re: Setting triple/quad PDF exploit system
From: Spring Systems <korund () hotmail com>
Date: Mon, 28 Jun 2010 19:21:37 +0000
Thanks for details. Thought I saw somewhere one tool, as was noted in description, it create pdf which include two
modules exploiting Libtiff and Collab.Getlcon() exploits. (in one pdf)
Regards,
Spring Systems
From: atul () secfence com
Date: Mon, 28 Jun 2010 21:51:49 +0530
Subject: Re: [framework] Setting triple/quad PDF exploit system
To: korund () hotmail com
CC: framework () spool metasploit com
Hello,
As far as I know, there is no way through which you can achieve that in
Metasploit.
As per my understanding of your post, you want an generate a single pdf that will exploit multiple vulns. But, AFAIK,
its not possible to move on to the next exploit if one fails.
All the malicious pdf's I've come across incorporate multiple exploits by checking the reader application's version.
The shellcode/payload can be the same, but the exploit is triggered after checking the version.
A Javascript pseudo-code :
var version = app.viewerVersion;if(version>8)
{ //do something
}if(version>8)
{ //do something else..
}
.. and so on
Hope that helped.
BTW, If someone can share a technique to trigger the next exploit by checking if the current one failed, I'll
appreciate that.
Thanks,
Atul
Agarwal
Secfence Technologies
On Mon, Jun 28, 2010 at 8:43 PM, Spring Systems <korund () hotmail com> wrote:
Is it possible to join few adobe exploits, say 3-4 ones, into one PDF file, to make triple (or quad) exploit system?
All exploits dedicated to launch one payload (which is compatible with all these PDF exploits). Is it possible and how
to achieve this in Metasploit? I know there is triple PDF sploits in the wild, if one exploit fails, then another
exploit start, if it also fails, the next instance will run (loop).
Hotmail has tools for the New Busy. Search, chat and e-mail from your inbox. Learn more.
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
_________________________________________________________________
The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with Hotmail.
http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Meterpreter reverse shell error. eski mo (Jun 21)
- Fwd: Meterpreter reverse shell error. eski mo (Jun 22)
- Setting triple/quad PDF exploit system Spring Systems (Jun 28)
- Re: Setting triple/quad PDF exploit system Atul Agarwal (Jun 28)
- Re: Setting triple/quad PDF exploit system Spring Systems (Jun 28)
- Testing exploits Spring Systems (Jun 28)
- Re: Setting triple/quad PDF exploit system Atul Agarwal (Jun 28)