The Bleeding Life exploit kit is a blackhat web application consisting of several recent exploits. Since it was first mentioned in October 2010, several editions have appeared: two full versions (v1 and v2), a Mini-Java version, a Java edition, an Adobe edition and the latest, Bleeding Life RELOADED, seen "in the wild". As with other exploit kits, this one uses a PHP and MySQL backend; it also uses AJAX to refresh statistics in real time, so the kit's owner can follow activity as it happens.

This kit can be modified by editing configuration files that control such things as: the time between exploitation attempts, the use of AJAX for overall statistics and its refresh time, iframe reuse (each exploit is either created in its own iframe or all exploits share the same iframe), and the name of the malicious payload file. The admin panel does not sport the latest features seen in other exploit kits, providing only statistics such as: exploits, browsers, countries, operating systems, and referrers.
The author of this product claims "it is intended solely for the purposes of vulnerability and penetration testing" but encrypts it with commercial PHP encryption and sells it on black market forums. The Bleeding Life exploit kit uses exploits which can bypass ASLR and DEP, which means this product could be used successfully against Windows 7 and Windows Vista operating systems.
The list of exploits used does not vary much from other known kits, though one of the exploits is actually a social engineering technique (similar tactics were used in the Unique exploit kit) to lure victims into downloading and running a malicious Java applet. The Bleeding Life exploit kit uses a JavaScript library, PluginDetect.js, to collect information about victims and then serves exploits accordingly.
Below is a running list of vulnerabilities that have been used with the Bleeding Life exploit kit:
CVE-2010-3552 Unspecified vulnerability in New Java Plugin component in Oracle Java SE
CVE-2010-2884 Adobe authplay.dll ActionScript AVM2 memory corruption Vulnerability
CVE-2010-1297 Adobe authplay.dll ActionScript AVM2 „newfunction“ Vulnerability
CVE-2010-0842 Vulnerability in the Sound component in Oracle Java SE
CVE-2010-0188 Adobe Reader LibTiff Vulnerability
CVE-2008-2992 Adobe Reader util.printf Vulnerability
CVE-2006-0003 IE MDAC
JavaSignedApplet – Java Signed Applet to download and execute a payload
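
For defenders, the behaviour described above (PluginDetect.js fingerprinting followed by plugin content for Java, Flash or Adobe Reader) can be hunted for in web proxy logs. The following is an added example, not code from the kit or from the original post; the log format, hosts, paths, addresses and the 60-second window are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed proxy log lines: timestamp, client IP, host, path, response MIME type.
# All hosts, paths and addresses are invented for this example.
SAMPLE_LOG = """\
2011-03-01T10:00:00 10.0.0.5 kit.example /load/PluginDetect.js application/javascript
2011-03-01T10:00:02 10.0.0.5 kit.example /load/a.pdf application/pdf
2011-03-01T10:00:04 10.0.0.5 kit.example /load/b.jar application/java-archive
2011-03-01T10:00:01 10.0.0.7 docs.example /js/PluginDetect.js?v=2 application/javascript
2011-03-01T10:09:00 10.0.0.7 docs.example /manual.pdf application/pdf
2011-03-01T10:00:03 10.0.0.9 cdn.example /movie.swf application/x-shockwave-flash
"""

# MIME types for the plugin families in the CVE list above (Reader, Java, Flash).
PLUGIN_MIME = {
    "application/pdf": "reader",
    "application/java-archive": "java",
    "application/x-java-archive": "java",
    "application/x-shockwave-flash": "flash",
}

def parse(log_text):
    """Yield (time, client, host, path, mime) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        ts, client, host, path, mime = parts
        yield datetime.fromisoformat(ts), client, host, path, mime.lower()

def find_fingerprint_then_plugin(log_text, window_s=60, min_families=1):
    """Return {(client, host): plugin families} served soon after PluginDetect.js."""
    events = sorted(parse(log_text), key=lambda e: e[0])
    fingerprinted = {}  # (client, host) -> time PluginDetect.js was last fetched
    hits = defaultdict(set)
    window = timedelta(seconds=window_s)
    for ts, client, host, path, mime in events:
        key = (client, host)
        if path.split("?")[0].lower().endswith("plugindetect.js"):
            fingerprinted[key] = ts
        elif mime in PLUGIN_MIME and key in fingerprinted:
            if ts - fingerprinted[key] <= window:
                hits[key].add(PLUGIN_MIME[mime])
    return {k: sorted(v) for k, v in hits.items() if len(v) >= min_families}
```

PluginDetect.js is also used by legitimate sites, so a match is a lead for triage rather than a verdict; raising `min_families` to 2 narrows results to hosts that served several plugin types to the same client in one burst.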
Link Download : http://adf.ly/1feQGG

Author

Newcyber.NET
