https://thehackernews.com/2018/12/flash-player-vulnerability.html
Here is a complicated exploit. It starts with phishing and an email attachment. While the vulnerability resides in flash Word is necessary for the exploit and within a word doc you need a payload, in this example it is an image file. Once the document is opened the payload unpacks, uses Flash’s vulnerability and then can:
monitoring user activities (keyboard or moves the mouse)
collecting system information and sending it to a remote command-and-control (C&C) server,
executing shellcode,
loading PE in memory,
downloading files
execute code, and
performing self-destruction.
Adobe has since patch the vulnerability.
Leave a Reply
You must be logged in to post a comment.