      dEEpEst

      They have just found two serious vulnerabilities thanks to a PDF that they have uploaded to VirusTotal


      Staff

      A few months ago, an anonymous user uploaded a PDF file to the online platform in order to see if it was detected by any of the more than 50 antivirus engines that this platform has or if, otherwise, none of them detected it. This PDF file apparently seemed harmless and could have come from a user who, after downloading it, wanted to verify that it did not hide anything. However, it seems that this PDF file hid something quite serious.

      This PDF file immediately caught the attention of several security researchers subscribed to the platform, researchers who soon began to analyze it in depth. Within this PDF file they have been able to find two very dangerous exploits that took advantage of two security flaws still unknown in the Adobe software and in Windows.


      The Adobe vulnerability (CVE-2018-4990) is a failure to execute remote code, while the Windows security failure (CVE-2018-8120) is a privilege escalation failure to be able to execute code at the highest level of permits. The PDF file did not include the final payload and was not 100% complete, so it is believed that it has never been used.

      Neither this malicious PDF, nor the exploits that it hid, had ever been seen on the network until they were sent to VirusTotal. It is not well known why this PDF came to this online security platform, whether it was from someone who got it in some way or from some rookie hacker who does not know that all the files sent to VirusTotal are sent to security companies and researchers, even if apparently clean, for in-depth analysis.

      What is certain is that, thanks to VirusTotal, we have been able to avoid a series of very dangerous computer attacks, being able to know the vulnerability before it was used to endanger the security of the users.

      Update Windows and Adobe to protect yourself from these two vulnerabilities

      This PDF was detected in March of this same year, and in the second week of May Microsoft and Adobe released their corresponding security patches without giving specific details about these security flaws. However, in order to give system administrators enough time to update their infrastructures, it has not been until now that Microsoft and Adobe have made public the vulnerabilities that have been detected thanks to this PDF uploaded to VirusTotal.

      To protect ourselves from these two failures and make these exploits useless, we must install the latest Windows and Adobe security patches. These vulnerabilities were already solved in the second week of May with the corresponding patches, so by installing these patches we will be fully protected.

      What do you think of these two security flaws discovered and solved thanks to VirusTotal?


      I'll tell you what happened: the lamer bought the 0day exploit for Adobe Acrobat from 0day.today, and just fucked up the exploit

      let dos this virustotal

      Staff

      They buy or download a crypter and the first thing they do is upload it to VirusTotal, and then they tell you that they detect it as antivirus.
      They pull the work of days, even of months, in a few minutes, fucking lamers...

      This topic is now closed to further replies.