Name: FinFly Exploit Portal

Text: Remote Monitoring & Deployment Solutions
FINFLY EXPLOIT PORTAL

Standard Deployment methods for Remote Monitoring
Solutions can often not be applied when dealing with
well-trained and extremely careful Targets as they are
familiar with common Deployment techniques and tools.

QUICK INFORMATION
· Strategic Operations
· Deploys Remote Monitoring
Solution on Target System
through Files and Server

ln most scenarios, 0-Day Exploits provide an extremely
powerful and reliable way to deploy Remote Monitoring
Solutions by exploiting unpatched vulnerabilities in
Software the Target is us ing .
The FinFly Exploit Portal offers access to a large library
of 0-Day and 1-Day Exploi ts for popular soft ware like
Microsoft® Office, Internet Explorer, Adobe Acrobat
Reader, and many more.

Usage Example 1: High-Tech Crime Unit

Usage Example 2: Intelligence Agency

A High-Tech Crime Unit was investigating a Cyber-Crime
and needed to deploy a Remote Monitoring Solution on
a Target System . They used an Adobe Acrobat Reader
0-Day Exploit and sent a prepared PDF file via Email to the
Target. The Remote Monitoring Solution was automatical ly
deployed once the Target opened the file.

A Target was identified within a Discussion Board but no
direct or Email contact was possible. The Agency created a
Webserver containing an Internet Explorer 0-day Exploit
which deployed the Payload on the Target System once the
Target opened the URL that was sent to him through a
private message in the Discussion Board .

Feature Overview
·Full Access to Web Portal and Exploit Generator

· Government-Grade 0-Day Exploits which function on multiple Systems
and Patch-levels without further modification
· At least 4 major Exploits (common Browser/Mail/File-V iewer Software)
permanently available

· 30 day warranty for every Exploit within the Portal
· Permanently updated 1-Day Exploits for various Software

For a full feature list. please refer to the Product Specifications.

Remote Monitoring & Deployment Solutions
FINFLY EXPLOIT PORTAL

Product Components

FtNF"!SHER

·-

-

--1-... ...

1

'

'~

--~~-

~GOit~llWllUllO!I

,-

N#l"lMIOllMMttOU
"""";'~-· ~ :~;.::.:::
. ., ._:_·~::-~~-;.:_
~

lttÎftill ~~~~- ! - ~·_
-.- !'11/T"

~-

...

- -

Finfly Exploit Portal
·Web Interface Exploit Library

FinFly Exploit Portal Sample


Microsoft Internet Explorer 9-8-7-6 Remote Code Execution Exploit

A use-after-free vuln erability exists in Microsoft Internet Explorer when p1·ocessing certain JavaScript
and HTML data, whlch could be exploited to comp romis e a vulnerab le system via a specially crafted
web page.

The vutnerability affects Microsoft Internet Explorer 9, 8 1 7 and 6 1 on Windows 7 SP1 and prior 1
Windows Vista SP2 and prior, and Windows >

The provided code e xecution exploit bypasses ASLR (A dd ress Space Layout Randomization) and DEP
(Data Execution Prevention) and works on al l Windows systems.
• More Information and Details (Explôit: updsl:êd ô fl 2011·10-14. Exploit: first: released



011

2011-08·06 )

Microsoft Intet'net Ew.plot'et' 9-8 Remote Sandbox Bypass: Exploit

A vulnerability exists in Microsoh Internet Explorer's sandbox (Protected Mode) when processin

certain data from a Low integrity process, which could be exploited to achieve code execution .;:
Medium integrity and bypass Protected Mode.
The vulnerability affects Microsoft Internet Explorer 9 and 8 on Wind ows 7 SP1 and prior a nd Windows
Vista SP2 and prior (Windows XP SP3 and prîor do not include a sandbox).
The provided exploit must be comb ined to another IE code and must be used as a second stage
she llcode .
• More Information and Deta ils ( Exp lôi"t up dat e.d ôf"I 20 11-10-14. Exploit: ti'rst: released on 10 11-03-0 2 )


Adobe Act'obat & Reader 9.M PDF Processing Code Execution Exploit

A buffer overflow vulnerability exists in Adobe Acrobat and Reader when processinQ certain data within
a PDF document, which coul d be e x pl oited to compromise a vulnerable system by tricking a user into
opening a malicious PDF file.
The provlded code execution exploit bypasses AS LR (Address Space Layout Randomizotion) and DEP
(Data Execution Prevention) and works on all Windows systems.
•More Information and Oeta ils (Exploit update.d on 20 11-09-02. E:r:ploit first rele&sed on 2011-07-15)

Document Path: ["787_gamma-group_brochure_finfly-exploit-portal.pdf"]

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh