Tuesday, December 15, 2009

Adobe CVE-2009-4324 in the wild - (0day) - part 0.1 - browsing C&Cs

"playing" with one of the URL, run by a C & C (see previous post http://extraexploit.blogspot.com/2009/12/adobe-cve-2009-4324-in-wild.html) you can access some path in which are content folder names match (probably) to hostnames infected. In the following scheenshots is documented the browsing for dailysummary.net

The root path:



The host names list:




The content (probably encrypted file):



The root path for somus.net:



No comments:

Post a Comment