Bleeding Life Exploit Pack
I came across a new exploit pack called "Bleeding Life". This one has six exploits at its disposal and costs $200 in the underground. As you can see, it only focuses on Acrobat, Flash, and Java vulnerabilities which have a very high success rate.
- Adobe Reader CVE-2010-1297 Affected Versions 9.0 - 9.3.2
- Adobe Reader CVE-2010-0188 Affected Versions 9.0 - 9.3.0
- Adobe Reader CVE-2010-0188 Affected Versions 8.0 - 8.2.0
- Adobe Reader CVE 2008-2992 Affected Versions 7.0 - 7.1.0
- Adobe Flash CVE-2009-1862 Affected Versions 10.0 - 10.0.22
- Oracle/Sun Java CVE-2010-0842 Affected Versions x.x up to 220.127.116.11
The pack was downloadable from the Internet:
But all the files were encrypted so I was not able to view the source code. I did find a live version of this pack and it appears to be getting a 13.5% exploitation rate.
You'll also notice that Windows XP is still very popular and these exploit packs do in fact affect Windows 7 machines.
Looks like that BleedingLife Exploit Pack version 2.0 has been released.
It now has the following exploits and costs $400.
- CVE-2010-0806 - IEPeers Uninitialized Memory Corruption Vulnerability - IE6/IE7 Only - ALL Windows
- CVE-2010-0842 - Java Unspecified vulnerability in the Sound component - Java 6 < Update 19 - ALL Windows
- CVE-2010-3552 - Unspecified vulnerability in the New Java Plug-in - Java 6 < Update 22 - IE Only - ALL Windows
- CVE-2008-2992 - Adobe Reader util.printf Stack Overflow - Adobe Reader < 7.1.1 - ALL Windows
- CVE-2010-1297 - Adobe authplay.dll ActionScript AVM2 "newfunction" Vulnerability - Adobe Reader < 9.3.3 - ALL Windows
- CVE-2010-2884 - Adobe authplay.dll ActionScript AVM2 memory corruption Vulnerability - Adobe Reader < 9.4.0 - ALL Windows
- CVE-2010-0188 - Adobe Libtiff Integer Overflow - Adobe Reader < 9.3.1 - ALL Windows
- CVE-2010-0188 - Adobe Libtiff Integer Overflow - Adobe Reader < 8.2.1 - ALL Windows
- JavaSignedApplet - Java Signed Applet to download/exec payload (Requires user interaction but can be disabled.) - ALL Windows