Metasploit mailing list archives
Re: New Exploits to Metasploit (CVE-2010-2729 and Adobe adobe_cooltype_sing.rb).
From: Richard Miles <richard.k.miles () googlemail com>
Date: Thu, 16 Sep 2010 11:28:50 -0500
Hi, Appear it's not working even with recent versions... weird. :( I also see that my AV is detecting the exploit generated by adobe_cooltype_sing.rb, it detect the .pdf file and automatic quarantine it. There is a way to bypass it? Also, it's possible to use the content (text, images, etc) of another pdf in the one generated by metasploit? And there is a feature to load a copy of the real pdf after exploitation? I mean, it may help to call less attention of victim... Anyone has any follow-up about CVE-2010-2729 (MS10-061) vulnerability? I found this http://thatsbroken.com/?p=360 Thanks On Thu, Sep 16, 2010 at 8:45 AM, Miguel Rios <miguelrios35 () yahoo com> wrote:
Hi. I tested the cooltype exploit with latest fully patched Adobe (9.3.4) and Windows 7 Ultimate (EN). Adobe crashes but shellcode is not run. It seems like DEP wasn't successfully bypassed in my setup. I hope to test it on XP SP3 soon. --- On *Wed, 9/15/10, Richard Miles <richard.k.miles () googlemail com>*wrote: From: Richard Miles <richard.k.miles () googlemail com> Subject: [framework] New Exploits to Metasploit (CVE-2010-2729 and Adobe adobe_cooltype_sing.rb). To: framework () spool metasploit com Date: Wednesday, September 15, 2010, 5:15 PM Hi I'm wondering if metasploit has a exploit for the hot and new CVE-2010-2729 (MS10-061) vulnerability. Or there is someone working on it? I'm testing adobe_cooltype_sing.rb, with Adobe version 7.x, it says is may be vulnerable, but not confirmed. Someone had any lucky with that? Or has a more reliable exploit for older versions? Thanks _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- New Exploits to Metasploit (CVE-2010-2729 and Adobe adobe_cooltype_sing.rb). Richard Miles (Sep 15)
- Message not available
- Re: New Exploits to Metasploit (CVE-2010-2729 and Adobe adobe_cooltype_sing.rb). Richard Miles (Sep 16)
- Message not available