Zero Day Java Exploits(All Java Exploits goes here)

Forum for analysis and discussion about malware.
User avatar
secObs
Posts: 25
Joined: Sun Mar 04, 2012 10:53 pm
Location: here, there and everywhere
Contact:

Re: Zero Day Java Exploits(All Java Exploits goes here)

Post by secObs » Fri May 03, 2013 8:38 pm

Last java exploit (cve-2013-2423) from Redkit and Sweet Orange
You do not have the required permissions to view the files attached to this post.

User avatar
Squirl
Posts: 15
Joined: Sun Apr 03, 2011 11:48 pm

Re: Zero Day Java Exploits(All Java Exploits goes here)

Post by Squirl » Thu Jun 06, 2013 2:24 pm

Redkit served up from:
hxxp://csaze.com/login.php

Served 5 (4 if you count the dupe) Java exploits. Attached.

File name: 5c.jar
https://www.virustotal.com/en/file/2838 ... 370522773/

File name: 5s.jnlp
https://www.virustotal.com/en/file/4b52 ... 370522790/

File name: 71.jar (dupe of 5c.jar)
https://www.virustotal.com/en/file/2838 ... 370522859/

File name: vk.jnlp
https://www.virustotal.com/en/file/8d39 ... 370522869/

File name: 82.jnlp
https://www.virustotal.com/en/file/7d3e ... 370522913/
You do not have the required permissions to view the files attached to this post.

User avatar
Squirl
Posts: 15
Joined: Sun Apr 03, 2011 11:48 pm

Re: Zero Day Java Exploits(All Java Exploits goes here)

Post by Squirl » Fri Jun 14, 2013 2:41 pm

Nice exploit pack found at hxxp://gingersnapportraits.com/mzmd.html

Downloaded binaries crypted with AES. Decryption routines in Chjop.class and Fiovt.class, if you can be bothered :)
You do not have the required permissions to view the files attached to this post.

User avatar
Blaze
Posts: 199
Joined: Fri Aug 27, 2010 7:35 am
Contact:

Re: Zero Day Java Exploits(All Java Exploits goes here)

Post by Blaze » Tue Jun 25, 2013 9:38 am

CVE-2013-0422
You do not have the required permissions to view the files attached to this post.

Win32:Virut
Posts: 324
Joined: Sat Jun 02, 2012 2:22 pm

Re: Zero Day Java Exploits(All Java Exploits goes here)

Post by Win32:Virut » Sun Jul 14, 2013 7:30 pm

2 java
You do not have the required permissions to view the files attached to this post.

User avatar
secObs
Posts: 25
Joined: Sun Mar 04, 2012 10:53 pm
Location: here, there and everywhere
Contact:

Re: Zero Day Java Exploits(All Java Exploits goes here)

Post by secObs » Thu Jul 25, 2013 9:17 pm

One Jar with four Java vulnerabilities from Styxy Cool Exploit Kit.

Vulnerabilities exploited:
- CVE-2012-0507
- CVE-2013-0431
- CVE-2013-1493
- CVE-2013-2423
You do not have the required permissions to view the files attached to this post.

Win32:Virut
Posts: 324
Joined: Sat Jun 02, 2012 2:22 pm

Re: Zero Day Java Exploits(All Java Exploits goes here)

Post by Win32:Virut » Wed Aug 07, 2013 3:35 pm

EXP/CVE-2013-0422.B6.Gen and Exploit:Java/CVE-2012-1723
You do not have the required permissions to view the files attached to this post.

User avatar
Blaze
Posts: 199
Joined: Fri Aug 27, 2010 7:35 am
Contact:

Re: Zero Day Java Exploits(All Java Exploits goes here)

Post by Blaze » Fri Aug 09, 2013 11:02 am

Attached:

CVE-2010-0840
CVE-2010-4452
CVE-2012-0507
CVE-2012-1723
CVE-2012-4681
CVE-2013-0431
CVE-2013-1493
Other Unknown Exploits

Code: Select all

MD5 	                            Filename
cdad8b668590ac11f054d963b0bf59a9	54e8589-41aefd62
571e01434b3a8e5bae25c47bfea28b91	60d3a6cc-4bb16ea5
571e4f2c6881ced7067423592c3a9958	63e4ecba-5e2b89bf
3cfbfcba844b05a40a8aa31b61452274	507e5af1-45ede582
8dbd75cd23cc889063b884aafc9f25bb	572b897c-605cb566
82c711ba8722142fa8cab6beae988b17	698de1fa-32d1c95d
3cfbfcba844b05a40a8aa31b61452274	5587222a-48b84682
375b934cb6f50f4945453eedbe32edd3	b9c297a-4bdbf799
92cd0ef50ba83fca97517f9a02261de1	1e297a23-68e045ce
207267093b5d0c7f6547c6997d230c20	1ebcef09-3bc44891
9dc7542aba49e7b9eac1d1bc2fec27ad	2d128e87-13caa7f2
58fa87cdb88e9a0d6cc039e4401f06f3	3ba1a78c-2bbf8e04
e2e57470d4465a8dbce490ef4136406c	4b03543a-7f275d17
f76aac04f5d5baac7bb80dc013bbcd1c	4ec3d407-6f702aa3
a4df58cb0c1a686a0b0db463b9c89d73	5b863295-53416253
7c30395a546d691ba8917b81a3b2f773	6eade2cc-7a52cfcc
3cfbfcba844b05a40a8aa31b61452274	7b0b5663-66f91809
2947b2d8b9c56f3843e0be17bdf1d4f7	22e4e421-77e53c60
6fd9858a6be012b779ae3d64864f2f5c	24dd4ba3-7cddc4d5
17afd87884f2246ca5676cbac22a9e8e	27b84623-1f0d2f20 
You do not have the required permissions to view the files attached to this post.

User avatar
Blaze
Posts: 199
Joined: Fri Aug 27, 2010 7:35 am
Contact:

Re: Zero Day Java Exploits(All Java Exploits goes here)

Post by Blaze » Fri Sep 20, 2013 12:16 pm

Watering-Hole Attacks Target Energy Sector
http://blogs.cisco.com/security/waterin ... gy-sector/

Java exploits from this campaign attached.
You do not have the required permissions to view the files attached to this post.

Post Reply