dEEpEst

They have just found two serious vulnerabilities thanks to a PDF that they have uploaded to VirusTotal


A few months ago, an anonymous user uploaded a PDF file to the online platform in order to see whether it was detected by any of the more than 50 antivirus engines that this platform has or whether, on the contrary, none of them detected it. This PDF file seemed harmless, and the uploader could have been a user who, after downloading it, wanted to verify that it did not hide anything. However, it seems that this PDF file hid something quite serious.

This PDF file immediately caught the attention of several security researchers subscribed to the platform, who soon began to analyze it in depth. Within this PDF file they were able to find two very dangerous exploits that took advantage of two still-unknown security flaws in the Adobe software and in Windows.


The Adobe vulnerability (CVE-2018-4990) is a remote code execution flaw, while the Windows security flaw (CVE-2018-8120) is a privilege escalation flaw that makes it possible to execute code at the highest permission level. The PDF file did not include the final payload and was not 100% complete, so it is believed that it has never been used.

Neither this malicious PDF nor the exploits that it hid had ever been seen on the network until they were sent to VirusTotal. It is not well known why this PDF came to this online security platform, whether it was from someone who got it in some way or from some rookie hacker who does not know that all the files sent to VirusTotal are sent to security companies and researchers, even if apparently clean, for in-depth analysis.

What is certain is that, thanks to VirusTotal, we have been able to avoid a series of very dangerous computer attacks, being able to know the vulnerability before it was used to endanger the security of the users.

Update Windows and Adobe to protect yourself from these two vulnerabilities

This PDF was detected in March of this same year, and in the second week of May Microsoft and Adobe released their corresponding security patches without giving specific details about these security flaws. However, in order to give system administrators enough time to update their infrastructures, it has not been until now that Microsoft and Adobe have made public the vulnerabilities that were detected thanks to this PDF uploaded to VirusTotal.

To protect ourselves from these two flaws and make these exploits useless, we must install the latest Windows and Adobe security patches. These vulnerabilities were already solved in the second week of May with the corresponding patches, so by installing these patches we will be fully protected.

What do you think of these two security flaws discovered and solved thanks to VirusTotal?


I'll tell you what happened: the lamer bought the 0day exploit for Adobe Acrobat from 0day.today, and just fucked up the exploit

let dos this virustotal


They buy or download a crypter and the first thing they do is upload it to VirusTotal, and then they tell you that they detect it as antivirus.
They pull the work of days even of months in a few minutes, fucking lamers .....
