Client Sides and Adobe 9.3


Thanks to our good friend dookie, who passed us a link to a CVE about the new exploit for Adobe 9.3. Well, I should say it is not just for 9.3, as it states:
Exploit works with Adobe Javascript disabled.
Tested : successfully tested on Adobe Reader 9.1/9.2/9.3 OS Windows XP(SP2,SP3 any languages), also works with Adobe browser plugin

A hacker by the nick of villy made a Python script that will create a PDF that will launch calc.exe on a WinXP SP2 box with the most up-to-date version of Adobe Reader installed, even with JavaScript turned off.

After playing with it, we replaced the shellcode with a Windows reverse shell and then tried it on a fully patched system! BAM – Shell again.

We took the PDF file and uploaded it to VirusTotal, and an amazing 0/42 was returned, and that is before we even used Shikata Ga Nai to encode it.

Of course, we documented the adventure and put a new video up on the resources page of our site, entitled “Brand New Adobe 9.3 Exploit”.

Enjoy and stay tuned for more to come.

A new level to spearphishing


Heck, most intelligent IT Admins won’t click on the link to “See Britney Naked” or “Adjust your Bank of America Account” because they know it is phishing.

But in comes the “new and improved shiny phishing”. These social engineers have done their homework.

Forget Big Brother…. We Have High Schools


Basically, the gist of the story is that a school in Philadelphia, USA issues laptops to its students. One day Little Blake Robbins goes to school and is slapped with an “improper behavior in his home” disciplinary action.

The Importance of Information Gathering


Our friend and contributor Matt was kind enough to put into writing a few stories from his law enforcement days. This excellent example shows how important it is to pay attention to the little details when information gathering. Sometimes the littlest details can make or break the story…..

Social Engineering in the news


It brings to light some very interesting facts…. malicious social engineers are looking at what is “bothering” people and then offering information and/or solutions if “you just click here.” Everything from money help for the economic woes people are experiencing right down to cures for the H1N1 Virus. It makes a further valid point, that the users are the ones who are to blame.