Metasploit mailing list archives

Re: New Exploits to Metasploit (CVE-2010-2729 and Adobe adobe_cooltype_sing.rb).


From: Richard Miles <richard.k.miles () googlemail com>
Date: Thu, 16 Sep 2010 11:28:50 -0500

Hi,

It appears it's not working even with recent versions... weird. :(

I also see that my AV is detecting the exploit generated by
adobe_cooltype_sing.rb; it detects the .pdf file and automatically quarantines it.
Is there a way to bypass it?

Also, is it possible to use the content (text, images, etc.) of another pdf in
the one generated by metasploit?

And is there a feature to load a copy of the real pdf after exploitation? I
mean, it may help to draw less attention from the victim...

Does anyone have any follow-up about the CVE-2010-2729 (MS10-061) vulnerability?

I found this http://thatsbroken.com/?p=360

Thanks

On Thu, Sep 16, 2010 at 8:45 AM, Miguel Rios <miguelrios35 () yahoo com> wrote:

Hi.
I tested the cooltype exploit with latest fully patched Adobe (9.3.4) and
Windows 7 Ultimate (EN). Adobe crashes but shellcode is not run. It seems
like DEP wasn't successfully bypassed in my setup. I hope to test it on XP
SP3 soon.

--- On *Wed, 9/15/10, Richard Miles <richard.k.miles () googlemail com>* wrote:


From: Richard Miles <richard.k.miles () googlemail com>
Subject: [framework] New Exploits to Metasploit (CVE-2010-2729 and Adobe
adobe_cooltype_sing.rb).
To: framework () spool metasploit com
Date: Wednesday, September 15, 2010, 5:15 PM

Hi

I'm wondering if metasploit has an exploit for the hot and new
CVE-2010-2729 (MS10-061) vulnerability. Or is there someone working on
it?

I'm testing adobe_cooltype_sing.rb with Adobe version 7.x; it says it
may be vulnerable, but not confirmed. Has anyone had any luck with that?
Or does anyone have a more reliable exploit for older versions?

Thanks
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


