The Bleeding Life exploit kit is a blackhat Web application consisting of several recent exploits. Since first mentioned in October 2010 there were: two full versions (v1 and v2), Mini-Java version, Java edition, Adobe edition and the latest – Bleeding Life RELOADED seen „in-the-wild“. As with other exploit kits, this one uses PHP and MySQL backend; it also utilizes AJAX technology to refresh statistics in real time, allowing the owner of this kit to be aware of situations in real time.
This kit can be modified by editing configuration files to control such things as: time between exploitation attempts, use of AJAX for overall statistics and refresh time, reuse of iframe (either each exploit is going to be created in its own iframe or use the same iframe), and name of the malicious payload file. The Admin panel does not sport the latest features seen in other exploit kits, providing only statistics such as: exploits, browsers, countries, operating systems, and referrers.
The author of this product claims „it is intended solely for the purposes of vulnerability and penetration testing“ but encrypts it with commercial PHP encryption and sells it on black market forums. The Bleeding Life exploit kit uses exploits which can bypass ASLR and DEP, which means this product could be used successfully against Windows 7 and Windows Vista operating systems.
The list of exploits used does not vary much from other known kits, though one of the exploits is actually a social engineering technique (similar tactics were used in the Unique exploit kit) to lure victims to download and run a malicious Java applet. The Bleeding Life exploit kit uses JavaScript – PluginDetect.js to collect information about victims and then servers exploit them accordingly.
Quote
Below is a running list of vulnerabilities that have been used with the Bleeding Life exploit kit:
CVE-2010-3552 Unspecified vulnerability in New Java Plugin component in Oracle Java SE
CVE-2010-2884 Adobe authplay.dll ActionScript AVM2 memory corruption Vulnerability
CVE-2010-1297 Adobe authplay.dll ActionScript AVM2 „newfunction“ Vulnerability
CVE-2010-0842 Vulnerability in the Sound component in Oracle Java SE
CVE-2010-0188 Adobe Reader LibTiff Vulnerability
CVE-2008-2992 Adobe Reader util.printf Vulnerability
CVE-2006-0003 IE MDAC
JavaSignedApplet – Java Signed Applet to download and execute a payload
Link Download : http://adf.ly/1feQGG