Metasploit mailing list archives
Re: Setting triple/quad PDF exploit system
From: Spring Systems <korund () hotmail com>
Date: Tue, 29 Jun 2010 13:31:58 +0000
Hi,

here is a screenshot. I read only a short description published on one private forum; the author didn't share it yet. It works on Adobe 5.0 to Adobe 9.3: 2 modules use Launch Action + 2 modules use the Libtiff and Collab.GetIcon() exploits.

http://img88.imageshack.us/img88/1654/indexpf.jpg

Regards,
Spring

Date: Tue, 29 Jun 2010 16:56:33 +0530
Subject: Re: [framework] Setting triple/quad PDF exploit system
From: sachinshinde11 () gmail com
To: korund () hotmail com; framework () spool metasploit com

Hi,

Can you point me to the link? Collab.GetIcon() is a JavaScript VM vulnerability (you know that) and Libtiff is an int overflow in the libtiff library. But I don't think Metasploit right now can combine them together; you have to do it manually. It's simple, you can do it, if you know the PDF file format and have payloads :-). Also see Didier Stevens' blog for obfuscation techniques.

Additionally you can try my tool spiderpig (http://code.google.com/p/spiderpig-pdffuzzer/) to create your own triple exploit system based on JavaScript. There is a Python script (spig.py) which reads an input file and writes it as JavaScript code into the PDF file, but the limitation is that it will only target the JavaScript VM.

Regards,
cons0ul

On Tue, Jun 29, 2010 at 2:47 PM, Spring Systems <korund () hotmail com> wrote:

Hi,

yes, something like this. I saw somewhere one tool (.NET application); as was noted in the description, it creates a PDF which includes two modules exploiting the Libtiff and Collab.GetIcon() exploits, and is dedicated to executing an embedded exe file (in one PDF).

Regards,
Spring

Date: Tue, 29 Jun 2010 11:22:42 +0530
Subject: Re: [framework] Setting triple/quad PDF exploit system
From: sachinshinde11 () gmail com
To: framework () spool metasploit com
CC: korund () hotmail com

Hi,

Are you talking about exploits that use vulnerabilities in the PDF JavaScript VM? If yes, then theoretically it may be possible (never tried) to create a triple exploit file system by spraying the donkey way and then trying mem corruption exploits one by one. But the latest trend is embedding SWF exploits in PDF.

Regards,
cons0ul
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
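
For defenders triaging documents of the kind discussed in this thread, the sketch below counts the PDF name tokens behind the features mentioned (Launch actions, JavaScript, embedded files, Flash content) and undoes `#xx` name escapes before matching. It is an added example, not code from the thread's participants or from Metasploit; the feature grouping and the sample bytes are constructed assumptions.

```python
import re

# PDF name tokens grouped by feature class (grouping is an assumption made
# for this example, not a standard taxonomy).
FEATURES = {
    "launch_action": {"Launch"},
    "javascript": {"JS", "JavaScript"},
    "embedded_file": {"EmbeddedFile", "EmbeddedFiles"},
    "flash": {"RichMedia"},
    "auto_trigger": {"OpenAction", "AA"},
}

# A name is '/' plus regular characters; whitespace and delimiters end it.
NAME_RE = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")
HEX_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes so /J#61vaScript is compared as JavaScript."""
    decoded = HEX_ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)
    return decoded.decode("latin-1")


def triage(pdf_bytes: bytes) -> dict:
    """Count risky names per feature class and list hex-escaped spellings."""
    counts = {feature: 0 for feature in FEATURES}
    obfuscated = []
    for match in NAME_RE.finditer(pdf_bytes):
        raw = match.group(1)
        name = decode_name(raw)
        for feature, names in FEATURES.items():
            if name in names:
                counts[feature] += 1
                if b"#" in raw:  # escaped spelling of a risky name
                    obfuscated.append(raw.decode("latin-1"))
    classes = sorted(f for f, n in counts.items() if n)
    return {"counts": counts, "classes": classes, "obfuscated": obfuscated}


# Constructed sample: object skeletons only, no script or payload content.
SAMPLE = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /OpenAction 2 0 R"
    b" /Names << /EmbeddedFiles 4 0 R >> >> endobj\n"
    b"2 0 obj << /S /J#61vaScript /JS 3 0 R >> endobj\n"
    b"5 0 obj << /S /Launch /F (placeholder) >> endobj\n"
)

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The scan reads raw bytes only, so names stored inside compressed object streams are not seen until those streams are decompressed. Several feature classes in one file, or any hex-escaped spelling of these names, is a reason to route the file to deeper analysis.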