Analyzing a CVE-2013-3346/CVE-2013-5065 Exploit with peepdf

This is a guest post from Jose Miguel Esparza (@EternalTodo)


There are already some good blog posts talking about this exploit, but I think this is a really good example to show how peepdf works and what you can learn if you attend the workshop “Squeezing Exploit Kits and PDF Exploits” at Troopers14.  The mentioned exploit was using the Adobe Reader ToolButton Use-After-Free vulnerability to execute code in the victim’s machine and then the Windows privilege escalation 0day to bypass the Adobe sandbox and execute a new payload without restrictions.

Continue reading “Analyzing a CVE-2013-3346/CVE-2013-5065 Exploit with peepdf”

Continue reading