One of the most complex tasks for the cyber security expert is to ensure their malicious code goes undetected by antivirus and achieves its goal. For this, they have invested a lot in more complex infection processes, going beyond the traditional Exploit PDF and using techniques where the malicious payload is hidden in encrypted files – even using a known file format. This is what we found in a new PDF Exploit in the wild: it tries to conceal the malicious files in an Exploit PDF file. And the attack starts with a simple Exploit PDF. Provides Good Security.
- Vulnerability Disclosure Timeline: Closer inspection of the Exploit PDF content reveals the malicious link as well as the URL Download and Execute of the tool used to generate the Exploit PDF from Python encrypted code content, which we also implement in a couple of our builders.
- Silent PDF Exploit: There are multiple Exploit PDF in Silent PDF Exploit, a package commonly used by web services to process Exploit PDF files. One of the vulnerabilities can lead to remote code execution (RCE) if you process user-submitted PDFs. The exploit for this vulnerability is being used in the wild.
- Why Are You Disclosing An Exploit PDF: We have collectively determined that these vulnerabilities are available to individuals other than the person(s) who discovered them. An unknowable number of people having access to these vulnerabilities makes this a critical issue for everyone using this software.
Bypass Word Security

One of the most complex tasks for the cyber security expert is to ensure their malicious code goes undetected by antivirus and achieves its goal. For this, they have invested a lot in more complex infection processes, going beyond the traditional Exploit DOC and using techniques where the malicious payload is hidden in encrypted files – even using a known file format. This is what we found in a new DOC Exploit in the wild: it tries to conceal the malicious files in an Exploit DOC file. And the attack starts with a simple Exploit DOC. Provides Good Security.
- Vulnerability Disclosure Timeline: Closer inspection of the Exploit DOC content reveals the malicious link as well as the URL Download and Execute of the tool used to generate the Exploit DOC from Python encrypted code content, which we also implement in a couple of our builders.
- Silent DOC Exploit: There are multiple Exploit DOC in Silent DOC Exploit, a package commonly used by web services to process Exploit DOC files. One of the vulnerabilities can lead to remote code execution (RCE) if you process user-submitted DOC files. The exploit for this vulnerability is being used in the wild.
- Why Are You Disclosing An Exploit DOC: We have collectively determined that these vulnerabilities are available to individuals other than the person(s) who discovered them. An unknowable number of people having access to these vulnerabilities makes this a critical issue for everyone using this software.
CVE was launched in 1999 when most information security tools used their own databases with their own names for security vulnerabilities. At that time there was no significant variation among products and no easy way to determine when the different databases were referring to the same problem.
- SPREAD UNLIMITED & EASY
- CLEAN & READABLE SOURCE CODE
- EXPLOIT DOC SPREADING
- SPREADING ANY E-MAILS
- COMPATIBLE WITH
- COMMENTED SOURCE CODE
- EXPERIENCED PROGRAMMERS
- USER-FRIENDLY
- FULL UNDETECTABLE
- WINDOWS COMPATIBILITY
- Windows 7
- Windows 8
- Windows 8.1
- Windows 10
- COMPATIBILITY TOOLS
- Compatible
- SOCIAL MEDIA SPREADING
- Gmail / Webmail
- Yahoo / Hotmail
- Yandex / Mail
- Facebook / Twitter
- And Many More...
- STABILITY & UNDETECTABILITY
- Undetectable 100%
- Silent Execution
- Private & Unique Builder
- CVE-2017
- Works for all PDF DC Version
This project is only for educational purposes. Therefore I'm not responsible for any harm/illegal activity that may happen. I made this project to learn more about reverse engineering. I will not be updating the offsets for this reason. This may not be the exact code as the one in my hackathon.