Fuzzing Adobe Reader for exploitable vulns (fun != profit)

Posted on Apr 27, 2018

Wow did I underestimate this one! I told myself it would take quite some time to build a reliable exploit once I found a bug in Adobe Reader. There are so many mitigations to work through once you have an exploitable crash.

Amongst others: Data Execution Prevention (DEP: prevents your injected code from being executed), Address Space Layout Randomization (ASLR: where in memory is my code anyway?) and sandboxing (it limits what your code can do, so you need to escape it). It's hard to end up with reliable code execution.

Source: kciredor.com