what you don't know can hurt you
Showing 1 - 6 of 6 RSS Feed

Files from Didier Stevens

Email addressdidier.stevens at gmail.com
First Active2009-11-26
Last Active2017-04-24
Microsoft Office Word Malicious Hta Execution
Posted Apr 24, 2017
Authored by Haifei Li, Didier Stevens, sinn3r, Nixawk, ryHanson, vysec, wdormann | Site metasploit.com

This Metasploit module creates a malicious RTF file that when opened in vulnerable versions of Microsoft Word will lead to code execution. The flaw exists in how an olelink object can make a http(s) request, and execute hta code in response. This bug was originally seen being exploited in the wild starting in Oct 2016. This Metasploit module was created by reversing a public malware sample.

tags | exploit, web, code execution
advisories | CVE-2017-0199
MD5 | 22d66842eeda59c2f386116bd2c8a720
Escape From PDF
Posted Apr 1, 2010
Authored by Didier Stevens

PDF hack that demonstrates how to execute an embedded executable.

tags | exploit
MD5 | e718a37847352afb2794d7b03acc1f00
Adobe Collab.collectEmailInfo() Buffer Overflow
Posted Nov 26, 2009
Authored by MC, Didier Stevens | Site metasploit.com

This Metasploit module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional 8.1.1. By creating a specially crafted pdf that a contains malformed Collab.collectEmailInfo() call, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2007-5659
MD5 | dfc63320a3e857a6b265b1889566df3b
Adobe Collab.getIcon() Buffer Overflow
Posted Nov 26, 2009
Authored by MC, jduck, Didier Stevens | Site metasploit.com

This Metasploit module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional < 8.1.4. By creating a specially crafted pdf that a contains malformed Collab.getIcon() call, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-0927
MD5 | 1f2320eef87406c95ea5b7edbe4b85eb
Adobe JBIG2Decode Memory Corruption Exploit
Posted Nov 26, 2009
Authored by redsand, Russell Sanford, MC, Didier Stevens, natron | Site metasploit.com

This Metasploit module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This Metasploit module relies upon javascript for the heap spray.

tags | exploit, javascript
MD5 | 19c89751bf0373e4af9b9aa3630c9a20
Adobe util.printf() Buffer Overflow
Posted Nov 26, 2009
Authored by MC, Didier Stevens | Site metasploit.com

This Metasploit module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional < 8.1.3. By creating a specially crafted pdf that a contains malformed util.printf() entry, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2008-2992
MD5 | 9be8b233672ca2f0bc7d59c93c556e68
Page 1 of 1
Back1Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    15 Files
  • 4
    Jun 4th
    25 Files
  • 5
    Jun 5th
    8 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close