Metasploit mailing list archives
Re: New Exploits to Metasploit (CVE-2010-2729 and Adobe adobe_cooltype_sing.rb).
From: Jeffs <jeffs () speakeasy net>
Date: Thu, 16 Sep 2010 21:16:48 -0400
I don't see this exploit in my most recently updated version of metasploit. Does it need to be added manually?
On 9/16/2010 12:28 PM, Richard Miles wrote:
Hi, Appear it's not working even with recent versions... weird. :(I also see that my AV is detecting the exploit generated by adobe_cooltype_sing.rb, it detect the .pdf file and automatic quarantine it. There is a way to bypass it?Also, it's possible to use the content (text, images, etc) of another pdf in the one generated by metasploit?And there is a feature to load a copy of the real pdf after exploitation? I mean, it may help to call less attention of victim...Anyone has any follow-up about CVE-2010-2729 (MS10-061) vulnerability? I found this http://thatsbroken.com/?p=360 ThanksOn Thu, Sep 16, 2010 at 8:45 AM, Miguel Rios <miguelrios35 () yahoo com <mailto:miguelrios35 () yahoo com>> wrote:Hi. I tested the cooltype exploit with latest fully patched Adobe (9.3.4) and Windows 7 Ultimate (EN). Adobe crashes but shellcode is not run. It seems like DEP wasn't successfully bypassed in my setup. I hope to test it on XP SP3 soon. --- On *Wed, 9/15/10, Richard Miles /<richard.k.miles () googlemail com <mailto:richard.k.miles () googlemail com>>/* wrote: From: Richard Miles <richard.k.miles () googlemail com <mailto:richard.k.miles () googlemail com>> Subject: [framework] New Exploits to Metasploit (CVE-2010-2729 and Adobe adobe_cooltype_sing.rb). To: framework () spool metasploit com <mailto:framework () spool metasploit com> Date: Wednesday, September 15, 2010, 5:15 PM Hi I'm wondering if metasploit has a exploit for the hot and new CVE-2010-2729 (MS10-061) vulnerability. Or there is someone working on it? I'm testing adobe_cooltype_sing.rb, with Adobe version 7.x, it says is may be vulnerable, but not confirmed. Someone had any lucky with that? Or has a more reliable exploit for older versions? Thanks _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- New Exploits to Metasploit (CVE-2010-2729 and Adobe adobe_cooltype_sing.rb). Richard Miles (Sep 15)
- Message not available
- Re: New Exploits to Metasploit (CVE-2010-2729 and Adobe adobe_cooltype_sing.rb). Richard Miles (Sep 16)
- Re: New Exploits to Metasploit (CVE-2010-2729 and Adobe adobe_cooltype_sing.rb). Jeffs (Sep 16)
- Re: New Exploits to Metasploit (CVE-2010-2729 and Adobe adobe_cooltype_sing.rb). Richard Miles (Sep 16)
- Re: New Exploits to Metasploit (CVE-2010-2729 and Adobe adobe_cooltype_sing.rb). Richard Miles (Sep 16)
- Message not available