Sunday, June 12, 2011

Phoenix exploit kit 2.5





Below is a description of the Phoenix Exploit Kit.

The Phoenix Exploit Kit is a good example of exploit packs used to exploit vulnerable software on the computers of unsuspecting Internet users. Often, cybercriminals drive traffic to the exploit kit by compromising legitimate sites and by inserting iframes that point to the exploit kit or by poisoning search engine results that take users to the exploit kit.

When users land on a page injected with the exploit kit, it detects the user’s Web browser and OS version then attempts to exploit either the browser or a browser plug-in. The latest version of the Phoenix Exploit Kit currently has payloads for nine different system configurations, including:

    * XPIE7: Internet Explorer 7 and either Windows XP, Windows XP SP2, or Windows 2003
    * VISTAIE7: Internet Explorer 7 and Windows Vista
    * XPIE8: Internet Explorer 8 and either Windows XP, Windows XP SP2, or Windows 2003
    * VISTAIE8: Internet Explorer 8 and Windows Vista
    * IE: Versions of Internet Explorer that are not IE7 or IE8
    * WIN7IE: Internet Explorer and Windows 7
    * XPOTHER: Browsers other than Internet Explorer on Windows XP, Windows XP SP2, or Windows 2003
    * VISTAOTHER: Browsers other than Internet Explorer on Windows Vista
    * WIN7OTHER: Browsers other than Internet Explorer on Windows 7
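
For defenders, the nine configuration labels above can be used to see which hosts in a proxy log fall into a bucket the kit has a payload for. The following is an added example, not code from the original post or from the kit: it assumes the browser and OS are read from the User-Agent header, the rule order is an assumption, and the function names, host names and log lines are constructed for illustration.

```python
import re

# Windows NT version tokens as they appear in User-Agent strings.
# NT 5.2 (Windows 2003) is grouped with XP, as in the list above.
OS_FAMILY = {"5.1": "XP", "5.2": "XP", "6.0": "VISTA", "6.1": "WIN7"}


def classify(user_agent):
    """Map a User-Agent to one of the nine labels listed above, or None."""
    os_match = re.search(r"Windows NT (\d+\.\d+)", user_agent)
    family = OS_FAMILY.get(os_match.group(1)) if os_match else None
    ie_match = re.search(r"MSIE (\d+)\.", user_agent)
    if ie_match:
        major = ie_match.group(1)
        if family == "WIN7":                      # any IE version on Windows 7
            return "WIN7IE"
        if family in ("XP", "VISTA") and major in ("7", "8"):
            return f"{family}IE{major}"           # XPIE7, VISTAIE8, ...
        return "IE"                               # IE that is not IE7 or IE8
    # Non-IE browsers only match on XP/2003, Vista or Windows 7.
    return f"{family}OTHER" if family else None


def hosts_by_config(log_text):
    """Group hosts from 'host<TAB>user-agent' lines by configuration label."""
    buckets = {}
    for line in log_text.splitlines():
        host, _, user_agent = line.partition("\t")
        label = classify(user_agent)
        if label:
            buckets.setdefault(label, []).append(host)
    return buckets


# Constructed sample proxy log (host, tab, User-Agent); not real data.
SAMPLE_LOG = """\
ws-014\tMozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
ws-022\tMozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)
ws-031\tMozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
ws-040\tMozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
ws-055\tMozilla/5.0 (X11; Linux x86_64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
ws-063\tMozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
"""

if __name__ == "__main__":
    for label, hosts in sorted(hosts_by_config(SAMPLE_LOG).items()):
        print(f"{label:10} {', '.join(hosts)}")
```

Hosts that map to a label are the ones to prioritise for browser and plug-in patching; a host that maps to `None` is outside the nine listed configurations.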

Once users are directed to a payload page, the kit attempts to exploit vulnerabilities in versions of Adobe Acrobat Reader, Adobe Flash Player, Internet Explorer, and Java.

Java has become the leading exploit vector for a variety of exploit packs. In fact, Phoenix Exploit Kit 2.5 has been updated to include three additional Java exploits, namely:

    * JAVA RMI
    * JAVA MIDI
    * JAVA SKYLINE

The administration panel of Phoenix Exploit Kit 2.5 contains an option to switch modes, which changes the Java exploit delivered to users. It allows the administrator to choose from among TC (CVE-2010-0840), RMI, or MIDI. This indicates that exploits for Java have become very attractive to malware distributors.


