Author Topic: Phoenix exploit's kit  (Read 17083 times)

0 Members and 1 Guest are viewing this topic.

December 27, 2010, 08:15:55 pm
Reply #15

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Ruining the bad guy's day

February 05, 2011, 04:40:35 pm
Reply #16

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Ruining the bad guy's day

May 24, 2011, 05:22:41 pm
Reply #17

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Version 2.7 announced
http://translate.google.co.jp/translate?js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&sl=auto&tl=en&u=http://scriptkiddiesec.blogspot.com/2011/05/phoenix-exploit-27.html

Quote
----------- V2 .7 ------------------------------------

  • Added new exploit JAVA TRUST under JRE / JDK versions 1.6.0, 1.6.0_23
  • Removed all the obsolete and palevnyh currently exploits: HCP, FLASH 9, FLASH10, IEPEERS, IE CSS
  • The chain sploytov rewritten and meets maximum performance
Ruining the bad guy's day

May 24, 2011, 08:10:11 pm
Reply #18

GmG

  • Special Members
  • Full Member

  • Offline
  • *

  • 92

June 05, 2011, 05:20:47 pm
Reply #19

GmG

  • Special Members
  • Full Member

  • Offline
  • *

  • 92

May 01, 2012, 06:01:42 pm
Reply #20

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Phoenix Exploit's Kit 3.1
http://xylibox.blogspot.de/2012/05/phoenix-exploits-kit-31-full.html

Quote
We are pleased to present new version of pack 3.1!

-----------v3.1------------------------------------

  • Added new JAVA ATOMIC exploit of JRE 1.6.0-1.6.0_30, 1.7.0-1.7.0_2 for FF/IE/OPERA. Sufficiently increased exploitation success.
  • JAVA TC and JAVA RHINO combined in one .jar file
  • added 4 activation variants:



1)JAVA with version determination, PDF with version determination before load
2)JAVA without version determination, PDF with version determination before load
3)JAVA with version determination, PDF without version determination before load
4)JAVA without version determination, PDF with version determination before load

This flexible system allows for longer not to kill traffic sources (actual for iframe traffic) or conversely with little sacrifice of traffic sources raise exploitation success (actual for Pop up traffic)

  • The exploits delivery chain has been rewritten to be up to date, has been removed JAVA SMB, JAVA TRUST, FLASH 10 because they are no longer actual. As a consequence, there was easy to configure and install - no-Apache on port 8080 and SMB configs.
Ruining the bad guy's day