Re: Setting triple/quad PDF exploit system

[Atul Agarwal <atul () secfence com>]

Hello,

As far as I know, there is no way through which you can achieve that in
Metasploit.

As per my understanding of your post, you want an generate a single pdf that
will exploit multiple vulns. But, AFAIK, its not possible to move on to the
next exploit if one fails.

All the malicious pdf's I've come across incorporate multiple exploits by
checking the reader application's version. The shellcode/payload can be the
same, but the exploit is triggered after checking the version.

A Javascript pseudo-code :

var version = app.viewerVersion;
if(version>8)
{
  //do something
}

if(version>8)
{
  //do something else..
}

.. and so on


Hope that helped.

BTW, If someone can share a technique to trigger the next exploit by
checking if the current one failed, I'll appreciate that.

Thanks,
Atul Agarwal
Secfence Technologies


On Mon, Jun 28, 2010 at 8:43 PM, Spring Systems <korund () hotmail com> wrote:

>  Is it possible to join few adobe exploits, say 3-4 ones, into one PDF
> file, to make triple (or quad) exploit system? All exploits dedicated to
> launch one payload (which is compatible with all these PDF exploits). Is it
> possible and how to achieve this in Metasploit? I know there is triple PDF
> sploits in the wild, if one exploit fails, then another exploit start, if it
> also fails, the next instance will run (loop).
>
>
> ------------------------------
> Hotmail has tools for the New Busy. Search, chat and e-mail from your
> inbox. Learn 
> more.<http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_1>
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework