[Exploit Kit] Bleeding Life (2.0)

13 November 2016

13 November 2016

The Bleeding Life exploit kit is a blackhat Web application consisting of several recent exploits. Since first mentioned in October 2010 there were: two full versions (v1 and v2), Mini-Java version, Java edition, Adobe edition and the latest – Bleeding Life RELOADED seen „in-the-wild“. As with other exploit kits, this one uses PHP and MySQL backend; it also utilizes AJAX technology to refresh statistics in real time, allowing the owner of this kit to be aware of situations in real time.

This kit can be modified by editing configuration files to control such things as: time between exploitation attempts, use of AJAX for overall statistics and refresh time, reuse of iframe (either each exploit is going to be created in its own iframe or use the same iframe), and name of the malicious payload file. The Admin panel does not sport the latest features seen in other exploit kits, providing only statistics such as: exploits, browsers, countries, operating systems, and referrers.
The author of this product claims „it is intended solely for the purposes of vulnerability and penetration testing“ but encrypts it with commercial PHP encryption and sells it on black market forums. The Bleeding Life exploit kit uses exploits which can bypass ASLR and DEP, which means this product could be used successfully against Windows 7 and Windows Vista operating systems.
The list of exploits used does not vary much from other known kits, though one of the exploits is actually a social engineering technique (similar tactics were used in the Unique exploit kit) to lure victims to download and run a malicious Java applet. The Bleeding Life exploit kit uses JavaScript – PluginDetect.js to collect information about victims and then servers exploit them accordingly.
Quote
Below is a running list of vulnerabilities that have been used with the Bleeding Life exploit kit:
CVE-2010-3552 Unspecified vulnerability in New Java Plugin component in Oracle Java SE
CVE-2010-2884 Adobe authplay.dll ActionScript AVM2 memory corruption Vulnerability
CVE-2010-1297 Adobe authplay.dll ActionScript AVM2 „newfunction“ Vulnerability
CVE-2010-0842 Vulnerability in the Sound component in Oracle Java SE
CVE-2010-0188 Adobe Reader LibTiff Vulnerability
CVE-2008-2992 Adobe Reader util.printf Vulnerability
CVE-2006-0003 IE MDAC
JavaSignedApplet – Java Signed Applet to download and execute a payload
Link Download : http://adf.ly/1feQGG
Tags:

Share this post? Twitter Facebook Linkedin
Prev Post
Next Post

Add your comment

Custom Search

1$ | Donasi Kopi Untuk Sang Creator




 


 

Cheat Point Blank VIP Terupdate 2021, Cheat PB, Cheat VIP Pointblank, Cheat VVIP PB, Cheat Pointblank Terbaru


Post Terbaru

Free Download Eggy Game Untuk PC Full Crack – Repack

17 September 2021

Free Download Glary Utilities Pro 5.162.0.188 Full Version Terbaru

15 September 2021

Free Download RogueKiller Anti Malware Premium 15.0.3.0 2021

12 September 2021

Tag

adobe Android Android Tutorial Anti Virus Aplikasi Article Author Belajar Website Canon Crack Css Download Download Driver Download Game PC Driver Printer Free Full Crack Full Version Games HTML Internet Jaringan linux Malware Mikrotik Networking Offline Installer OS PC Game PHP Post Premium Printer Pro review Seo Software Tips Tool Tutorial Web developer Website Windows Wordpress Xiaomi