2014-01-15 - Exploit Integration

CVE-2013-3918 (IE) integrates exploit Kits

On november 8, 2013 FireEye reported a new IE Zero-Day.

The exploit appeared for sale on underground on the 2013-12-20
CVE-2013-3918 for sale on underground.

В наличии свежий эксплоит CVE-2013-3918(MS13-090) ноябрь 2013
Работает под IE 8, 9, 10.

Для работы не требуется office, java итд только ie

Подробности в жабе

Сейчас и на будущее, всем желающим предлагаю верифицировать меня в жабе через форум, на случай угона жабы.
Google Translated
Available fresh exploit CVE-2013-3918 (MS13-090) in November 2013
Works under IE 8, 9, 10.

For work that requires office, java, etc. ie only
Details in the toad
Now and in the future, everyone suggest me to verify the jabber through the forum, in case of jabber theft.

and get discounted to 7k on the 2013-01-06.

2. Эксплоит под IE CVE-2013-3918(MS13-090)
Добавлена работа под IE7
Цена снижена до 7к
2. Exploit for IE CVE-2013-3918 (MS13-090)
Added work under IE7
Price reduced to 7k

It appears today in Nuclear Pack, replacing (?) CVE-2013-2551.
Thanks Chris Wakelin and Will Metcalf (Emerging Threats) for Decoding and help in identifying the CVE.

Nuclear Pack :

CVE-2013-3918 successful pass in Nuclear Pack 2014-01-15
(pushing a Citadel targeting UK. We can see call for config and firefox cookie module)

Files: Nothing for now. You know how to contact me. Note : around 2 days later that exploit has been removed. Back to CVE-2013-2551

Flash EK:
Spotted by EKWatcher in Flash EK. This post will be updated soon.

Reading :
New IE Zero-Day Found in Watering Hole Attack 2013-11-08- Xiaobo Chen and Dan Caselden - FireEye
CVE-2013-3918 - NIST