A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #19563  by Squirl
 Thu Jun 06, 2013 2:24 pm
Redkit served up from:
hxxp://csaze.com/login.php

Served 5 (4 if you count the dupe) Java exploits. Attached.

File name: 5c.jar
https://www.virustotal.com/en/file/2838 ... 370522773/

File name: 5s.jnlp
https://www.virustotal.com/en/file/4b52 ... 370522790/

File name: 71.jar (dupe of 5c.jar)
https://www.virustotal.com/en/file/2838 ... 370522859/

File name: vk.jnlp
https://www.virustotal.com/en/file/8d39 ... 370522869/

File name: 82.jnlp
https://www.virustotal.com/en/file/7d3e ... 370522913/
 #19645  by Squirl
 Fri Jun 14, 2013 2:41 pm
Nice exploit pack found at hxxp://gingersnapportraits.com/mzmd.html

Downloaded binaries crypted with AES. Decryption routines in Chjop.class and Fiovt.class, if you can be bothered :)
 #20209  by secObs
 Thu Jul 25, 2013 9:17 pm
One Jar with four Java vulnerabilities from Styxy Cool Exploit Kit.

Vulnerabilities exploited:
- CVE-2012-0507
- CVE-2013-0431
- CVE-2013-1493
- CVE-2013-2423
 #20433  by Blaze
 Fri Aug 09, 2013 11:02 am
Attached:

CVE-2010-0840
CVE-2010-4452
CVE-2012-0507
CVE-2012-1723
CVE-2012-4681
CVE-2013-0431
CVE-2013-1493
Other Unknown Exploits
