What is Adobe Acrobat Viewer - http://www.adobe.com/products/acrviewer/acrvdnld.html? is this something very old, I don't see much information about it and the FAQ link doesn't work.
On Wed, Nov 24, 2010 at 3:29 PM, bytes abit <[email protected]> wrote: > > Seriously? I know a worry proof method. NO ONE CAN HACK PAST IT! > Snail Mail me a copy :P > > > Though seriously, I would agree with the general un-spoken rule. Hack not > they brethern, but use condoms regardless. > > > > > On Mon, Nov 22, 2010 at 2:07 PM, <[email protected]> wrote: > >> >> >> If you can own anyone reading this list with a PDF exploit then they >> >> deserve it! >> >> >> >> Robin >> > >> > I think this is a little unfair; how do you not get owned using Adobe >> > Acrobat? >> > >> > I had a hard time writing up a mitigation recommendation for a customer >> > recently. I owned the network with a HSRP MITM attack, followed by >> > Ettercap+etterfilter injection to serve up malicious PDF's in 1x1 >> > iframes*. The attack went great, but then I had to tell the customer >> > what to do differently to prevent them from being compromised through >> > Adobe Acrobat in the future. >> > >> > I don't believe Foxit Reader isn't in a better position than Adobe >> > Acrobat reader from a security perspective. Online PDF rendering >> > options returning funky JS+AJAX images wouldn't work due to the >> > sensitive nature of the PDF content. I ended up recommending the use of >> > Adobe Acrobat with the Microsoft Mitigation Experience Toolkit, but I >> > thought that was kinda lame too. >> > >> > What recommendations are people making to customers who get owned >> > through PDF exploits but require a local PDF reader? >> > >> > Thanks, >> > >> > -Josh >> > >> > * Ettercap+etterfilter, HSRP/VRRP exploits and more are all labs in the >> > new SANS course I contributed to, Advanced Penetration Testing, Exploits >> > and Ethical Hacking - http://bit.ly/aOwAnB >> >> Hot on the heels of your question, Adobe has released Acrobat/Reader "X". >> There is a nice series of articles here: >> http://blogs.adobe.com/asset/2010/11/adobe-reader-x-is-here.html . >> Protected mode is by no means a "cure all", but it does look like a step >> in the right direction. >> >> On a separate but related note, what did you tell this customer about >> mitigating malicious iframes? It seems to me that your attack vector ( >> malicious iframes) is/was the real issue here and that the vulnerable >> application (Acrobat) is probably one of several you could taken advantage >> of. >> >> -- >> byte_bucket >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
