diazromero Posted January 20, 2012 Share Posted January 20, 2012 (edited) Source code of Phoenix Exploit Kit Version 2.3 This is the hidden content, please Sign In or Sign Up PEK (Phoenix Exploit’s Kit) has become one of the most used by those who flood the Internet every day with different types of malicious code. The sale of this version began in July 2010 at a cost of $2200. The default exploits for this version are: Adobe Reader newPlayer CVE-2009-4324 Adobe Reader LibTiff CVE-2010-0188 Adobe PDF SWF CVE-2010-1297 Adobe Reader/Foxit Reader PDF OPEN CVE- 2009-0836 Java HsbParser.getSoundBank (GSB) CVE-2009- 3867 Java Runtime Environment (JRE) CVE-2008-5353 Java SMB CVE-2010-0746 IE iepeers CVE-2010-0806 Windows Help Center (HCP) CVE-2010-1885 IE SnapShot Viewer ActiveX CVE-2008-2463 One of the most important changes in this release was PDF libtiff support the use of bypass ASLR, DEP more for PDF file reader Adobe Reader on your version 8.0- 9.3.0 for Windows Vista and Windows7. Generally we have seen the spread executable binary as a variant of the trojan generated with the private constructor SpyEye: exe.exe (014678ec0f5e2b92d7f0 89a20ffe77fa). Once executed, the malware establishes a connection to the domain clandestine fordkaksosat.info (193.105.207.45 – AS50793 ALFAHOSTNET) from which you download and run malware automatically a rogue type. This malware is also promoted through a website from which, using social engineering, simulates the sale of an antivirus program through a file called PCDefend erSilentSetup.msi (ecff63c1f983858dfd7fb926738cb47 8), which represents the so-called rogue PC Defender Antivirus. The cost is typically USD 59.95. PEK has been around since mid-2007. This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up Edited March 31, 2012 by diazromero Link to comment Share on other sites More sharing options...
silver Posted January 20, 2012 Share Posted January 20, 2012 Link no valid Link to comment Share on other sites More sharing options...
diazromero Posted January 20, 2012 Author Share Posted January 20, 2012 depositfiles and rapidshare links works. take a look Link to comment Share on other sites More sharing options...
(Sony) Posted January 20, 2012 Share Posted January 20, 2012 Tengo que analizar esto cuidado Link to comment Share on other sites More sharing options...
diazromero Posted January 20, 2012 Author Share Posted January 20, 2012 Sony: Si puedes echarle un vistazo a los 3 Exploit Packs, te lo agradezco. Yo no los revisé ni los he probado bien. Gracias y Saludos! Link to comment Share on other sites More sharing options...
Recommended Posts