• Posts Tagged ‘exploit’

    AV Bypass for Malicious PDFs Using XDP

    by  • June 15, 2012 • Uncategorized

    Update - 06/19/2012 alert tcp $EXTERNAL_NET $FILE_DATA_PORTS -> $HOME_NET any (msg:"FILE-PDF Adobe PDF XDF encoded download attempt"; flow:to_client,established; flowbits:isset,file.xml; file_data; content:"JVBERi"; fast_pattern:only; content:"


    Toying With MS11-050

    by  • June 28, 2011 • Uncategorized

    Update 06/29/2011 - 3:46PM I have modified a local copy of the exploit file I have to run safely (no shellcode) and still get a crash. Initially I suspected that the final aspects of the JavaScript did not play too much in the role of the crash. ...


    Eleonore is One Ugly Mistress

    by  • June 23, 2011 • Uncategorized

    While taking a break from malicious PDFs, I decided it would be a good idea to start breaking down some of these well-known exploit kits. I have seen a couple good write-ups on how the kits are spreading and becoming successful, but not too much i...
