{"id":1207,"date":"2015-10-24T13:47:00","date_gmt":"2015-10-24T13:47:00","guid":{"rendered":"https:\/\/www.varutra.com\/blog\/?p=1207"},"modified":"2023-03-23T16:40:10","modified_gmt":"2023-03-23T11:10:10","slug":"adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked","status":"publish","type":"post","link":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/","title":{"rendered":"Adobe Flash Player Zero Day Attacks Found In Hacking Team Data Leaked"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"sh-overlay-item sh-table-cell ls-is-cached lazyloaded\" title=\"Adobe flash - Varutra Consulting\" src=\"https:\/\/varutra-1a3b6.kxcdn.com\/wp-content\/uploads\/2015\/10\/Adobe-flash-1024x686.png\" width=\"1920\" height=\"1080\" data-rel=\"lightcase\" \/><br \/>\n<strong><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/adobe-addresses-latest-flash-player-zero-day-vulnerability.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-1225 size-medium\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/adobe-addresses-latest-flash-player-zero-day-vulnerability-300x224.jpg\" alt=\"adobe-addresses-latest-flash-player-zero-day-vulnerability\" width=\"300\" height=\"224\" \/><\/a><\/strong><\/p>\n<p>Hacking Team is a <em>Milan-based information technology<\/em> company that sells offensive intrusion and surveillance capabilities to governments, law enforcement agencies and corporations.Its &#8220;<strong>Remote Control Systems<\/strong>&#8221; enable governments and corporations to monitor the communications of internet users, decipher their encrypted files and emails, record Skype and other Voice over IP communications, \u00a0and remotely activate microphones and camera on target computers.Hacking Team states that they have the ability to <em>disable their software<\/em> if it is used unethically.<\/p>\n<p>The Recent Cyber Attack that exposed 400GB of data belonging to <a href=\"https:\/\/github.com\/hackedteam\">Hacking Team<\/a> has following\u00a0 Zero Day vulnerability in Adobe Flash Player in their data.<\/p>\n<ul>\n<li><strong>CVE-2015-5119 \u00a0 <\/strong><strong>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\u00a0<\/strong><\/li>\n<li><strong>CVE-2015-5122<\/strong><\/li>\n<li><strong>CVE-2015-5123 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/strong><\/li>\n<\/ul>\n<p>Let us see in detail , How these vulnerability affects the adobe flash player.<\/p>\n<ul>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-5119\"><strong>CVE-2015-5119<\/strong><\/a><strong> :<\/strong><\/li>\n<\/ul>\n<p>This Flash-based vulnerability, dubbed the &#8220;<em>most beautiful Flash bug for the last four years<\/em>&#8221; in Hacking Team&#8217;s internal notes,<\/p>\n<p><strong>Use-after-free vulnerability<\/strong> present in the <strong>ByteArray class <\/strong>located in the <strong>ActionScript 3<\/strong> (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.<\/p>\n<ul>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-5122\"><strong>CVE-2015-5122<\/strong><\/a><strong> :<\/strong><\/li>\n<\/ul>\n<p>The critical zero-day vulnerability in Adobe Flash is a Use-After-Free() programming flaw (CVE-2015-5122) which is similar to the CVE-2015-5119.<\/p>\n<p><strong>Use-after-free vulnerability<\/strong> present \u00a0in the <strong>DisplayObject class<\/strong> located \u00a0in the <strong>ActionScript 3<\/strong> (AS3) implementation in Adobe Flash Player 13.x on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property.<\/p>\n<p>&#8220;<em>Successful exploitation [of CVE-2015-5122 flaw] could cause a crash and potentially allow an attacker to take control of the affected system<\/em>,&#8221; Adobe said.<\/p>\n<p>Adobe credited FireEye researcher <strong>Dhanesh Kizhakkinan<\/strong> for reporting the vulnerability found \u00a0in stolen data leaked from Hacking Team.<\/p>\n<p>The flaw can be exploited by <strong><em>freeing a TextLine object within the valueOf function<\/em><\/strong> of a custom class when setting the TextLine&#8217;s opaqueBackground. As explained by FireEye researchers:<\/p>\n<p>&#8220;Once the TextLine object is freed, a Vector object is allocated in its place. Returning from <em>valueOf<\/em> will overwrite the length field of Vector object with a value of <strong>106<\/strong>. (Initial length is 98).<\/p>\n<p>Exploitation continues by finding the corrupted Vector object by its length, which will be greater than <strong>100<\/strong>.<\/p>\n<p>This enables the object to change an adjacent Vector object&#8217;s length to <strong>0x40000000<\/strong>.<\/p>\n<p>Once exploit achieves this, it follows the same mechanism that was used in CVE-2015-5119 PoC.&#8221;<\/p>\n<p>This, in turn, allows for attackers to execute shellcode, which pops up a calculator<\/p>\n<ul>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-5123\"><strong>CVE-2015-5123<\/strong><\/a><strong> :<\/strong><\/li>\n<\/ul>\n<p><strong>Use-after-free vulnerability<\/strong> present \u00a0in the <strong>BitmapData class<\/strong> located \u00a0in the <strong>ActionScript 3<\/strong> (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.<\/p>\n<p>The vulnerability can be triggered by the following steps:<\/p>\n<p>1) \u00a0From a new BitmapData object, prepare <strong>2 Array objects<\/strong>, new 2 MyClass objects, and assign the MyClass object to each Array objects.<\/p>\n<p>2 ) \u00a0Once the valueOf function of MyClass is override, it calls the BitmapData.paletteMap with the 2 Array objects as parameters. The BitmapData.paletteMap will <strong>trigger the valueOf <\/strong>function.<\/p>\n<p>3) \u00a0 In the valueOf function, it will call <strong>BitmapData.dispose()<\/strong> to dispose the underlying memory of BitmapData object, thus causing Flash Player to crash.<\/p>\n<p><strong>Steps to exploit flash zero day vulnerability with metasploit :<\/strong><\/p>\n<p>Note: This tutorial is for informational purposes only.<\/p>\n<ol>\n<li>First download the exploit code by creating an empty document and name it:<\/li>\n<\/ol>\n<p><a href=\"https:\/\/github.com\/rapid7\/metasploit-framework\/blob\/master\/modules\/exploits\/multi\/browser\/adobe_flash_hacking_team_uaf.rb\"><strong><em>Adobe_Flash_HackingTeam_exploit.rb<\/em><\/strong><\/a><\/p>\n<p style=\"text-align: center;\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1210\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image1-300x190.png\" alt=\"image1\" width=\"532\" height=\"337\" \/><\/a>Figure 1:Download the Exploit\u00a0 \u00a0<strong> <em>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/em><\/strong><\/p>\n<ol start=\"2\">\n<li style=\"text-align: center;\">download the payload from here: <a href=\"https:\/\/github.com\/rapid7\/metasploit-framework\/tree\/master\/data\/exploits\/CVE-2015-5122\">https:\/\/github.com\/rapid7\/metasploit-framework\/tree\/master\/data\/exploits\/CVE-2015-5122<\/a><\/li>\n<\/ol>\n<p><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image2.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1211\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image2-300x195.png\" alt=\"image2\" width=\"480\" height=\"312\" \/><\/a><\/p>\n<p style=\"text-align: center;\">\u00a0 \u00a0 \u00a0 Figure 2:Download the Exploit<\/p>\n<ol start=\"3\">\n<li>Add it to the following directory:<\/li>\n<\/ol>\n<p><strong><em>\/usr\/share\/metasploit-framework\/data\/exploits\/CVE-2015-5119\/msf.swf<\/em><\/strong><\/p>\n<p><strong><em>\u00a0<\/em><\/strong><\/p>\n<ol start=\"4\">\n<li>Now copy the exploit code and paste it into the empty document.<\/li>\n<\/ol>\n<p>Use the following command to copy the file from the root\/desktop to the Metasploit framework modules folder (create the flash folder if it is not here):<\/p>\n<p><strong><em>mv \/root\/Desktop\/Adobe_Flash_HackingTeam_exploit.rb \/usr\/share\/metasploit-framework\/modules\/exploits\/windows\/flash\/<\/em><\/strong><\/p>\n<p><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image3.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1212\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image3-300x189.png\" alt=\"image3\" width=\"459\" height=\"289\" \/><\/a><\/p>\n<p style=\"text-align: center;\">\u00a0Figure 3: Move the Exploit in exploit-Modules<\/p>\n<ol start=\"5\">\n<li>You can use the following command to check whether the file has been actually copied to the destination folder:<\/li>\n<\/ol>\n<p><strong><em>ls \u00a0\/usr\/share\/metasploit-framework\/modules\/exploits\/windows\/flash\/<\/em><\/strong><\/p>\n<p><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image4.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1213\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image4-300x190.png\" alt=\"image4\" width=\"445\" height=\"282\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2015\/10\/image4-300x190.png 300w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2015\/10\/image4-1024x649.png 1024w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2015\/10\/image4-768x487.png 768w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2015\/10\/image4-660x420.png 660w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2015\/10\/image4.png 1193w\" sizes=\"(max-width: 445px) 100vw, 445px\" \/><\/a><\/p>\n<p style=\"text-align: center;\">\u00a0Figure 4: Confirm the destination folder<\/p>\n<ol start=\"6\">\n<li>open a new terminal and start Metasploit (and following services if not already started) using the following command(s):<\/li>\n<\/ol>\n<p><strong><em>service postgresql start<\/em><\/strong><\/p>\n<p><strong><em>service metasploit start<\/em><\/strong><\/p>\n<p><strong><em>msfconsole<\/em><\/strong><\/p>\n<p><strong><em>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/em><\/strong><\/p>\n<p><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image5.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1214\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image5-300x189.png\" alt=\"image5\" width=\"460\" height=\"290\" \/><\/a><\/p>\n<p style=\"text-align: center;\">\u00a0Figure 5: Start msfconsole<\/p>\n<ol start=\"7\">\n<li>Now we have got Metasploit started and running with our newly imported exploit in it, we can use the following command to search for it:<\/li>\n<\/ol>\n<p><strong><em>search hackingteam<\/em><\/strong><\/p>\n<p>After this use the following command to use the newly added exploit module:<\/p>\n<p><strong><em>use exploit\/windows\/flash\/Adobe_Flash_HackingTeam_Exploit<\/em><\/strong><\/p>\n<p>Let\u2019s check the options for Metasploit CVE-2015-5122 module with the \u00a0\u00a0\u00a0\u00a0following command:<\/p>\n<p><strong><em>show options<\/em><\/strong><\/p>\n<p style=\"text-align: center;\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image6.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1215\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image6-300x192.png\" alt=\"image6\" width=\"468\" height=\"299\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2015\/10\/image6-300x192.png 300w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2015\/10\/image6-1024x657.png 1024w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2015\/10\/image6-768x493.png 768w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2015\/10\/image6-660x420.png 660w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2015\/10\/image6.png 1174w\" sizes=\"(max-width: 468px) 100vw, 468px\" \/><\/a>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Figure 6: Trigger the Exploit<strong><em> \u00a0<\/em><\/strong> \u00a0 \u00a0<strong><em>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\u00a0<\/em><\/strong><\/p>\n<ol start=\"8\">\n<li>We will keep the default options and type \u201cexploit\u201d to trigger our exploit:<\/li>\n<\/ol>\n<p><strong><em>Exploit<\/em><\/strong><\/p>\n<ol start=\"9\">\n<li>Let\u2019s open the link from a Windows 7 virtual machine with a vulnerable browser (Firefox) and a vulnerable version of Flash Player (&lt; 18.0.0.203) installed.<\/li>\n<\/ol>\n<p><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image7.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1216\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/image7-300x176.png\" alt=\"image7\" width=\"528\" height=\"310\" \/><\/a><\/p>\n<p style=\"text-align: center;\">\u00a0Figure 7: Send the Link to the victim<\/p>\n<p><strong><em>CounterMeasures:<\/em><\/strong><\/p>\n<p>How to avoid getting infected by these exploits\u2026<\/p>\n<p>\u2013 Update Flash Player and make sure that \u00a0it is up-to-date: <a href=\"https:\/\/get.adobe.com\/flashplayer\/\">https:\/\/get.adobe.com\/flashplayer\/<\/a><\/p>\n<p>If you\u2019re unsure whether your browser has Flash installed or what version it is running, you can browse to this link : <a href=\"https:\/\/www.adobe.com\/software\/flash\/about\/\">https:\/\/www.adobe.com\/software\/flash\/about\/<\/a><\/p>\n<p>\u2013 Install security patches if any and keep your OS updated.<\/p>\n<p>\u2013 Keep your browser updated.<\/p>\n<p><strong><em>References:<\/em><\/strong><\/p>\n<p><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi\"><em>https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi<\/em><\/a><\/p>\n<p><a href=\"https:\/\/github.com\/hackedteam\"><em>https:\/\/github.com\/hackedteam<\/em><\/a><\/p>\n<p><a href=\"https:\/\/www.adobe.com\/software\/flash\/about\/\">https:\/\/www.adobe.com\/software\/flash\/about\/<\/a><\/p>\n<p><a href=\"http:\/\/blog.trendmicro.com\/\"><em>http:\/\/blog.trendmicro.com\/<\/em><\/a><\/p>\n<p><a href=\"https:\/\/www.fireeye.com\"><em>https:\/\/www.fireeye.com<\/em><\/a><\/p>\n<p>&nbsp;<\/p>\n<p><strong><em>Author<\/em><\/strong><em>:\u00a0<\/em><\/p>\n<p><em>Attack &amp; PenTest Team,<\/em><\/p>\n<p><em>Varutra Consulting<\/em><\/p>","protected":false},"excerpt":{"rendered":"<p>Hacking Team is a Milan-based information technology company that sells offensive intrusion and surveillance capabilities to governments, law enforcement agencies and corporations.Its &#8220;Remote Control Systems&#8221;&#8230;<\/p>\n","protected":false},"author":3,"featured_media":3232,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"inline_featured_image":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[276,270,282,266,274,280,283],"tags":[],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO Pro 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"The Recent Cyber Attack that exposed 400GB of data belonging to Hacking Team has following Zero Day Attack in Adobe Flash Player in their data.\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"kalpadmin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO Pro (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Varutra Consulting\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Adobe Flash Player Zero Day Attack Found In Hacking Team\" \/>\n\t\t<meta property=\"og:description\" content=\"The Recent Cyber Attack that exposed 400GB of data belonging to Hacking Team has following Zero Day Attack in Adobe Flash Player in their data.\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/Adobe-flash.png\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/Adobe-flash.png\" \/>\n\t\t<meta property=\"og:image:width\" content=\"1120\" \/>\n\t\t<meta property=\"og:image:height\" content=\"750\" \/>\n\t\t<meta property=\"article:section\" content=\"Cyber Attack\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2015-10-24T13:47:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2023-03-23T11:10:10+00:00\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Adobe Flash Player Zero Day Attack Found In Hacking Team\" \/>\n\t\t<meta name=\"twitter:description\" content=\"The Recent Cyber Attack that exposed 400GB of data belonging to Hacking Team has following Zero Day Attack in Adobe Flash Player in their data.\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/Adobe-flash.png\" \/>\n\t\t<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t\t<meta name=\"twitter:data1\" content=\"kalpadmin\" \/>\n\t\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/#article\",\"name\":\"Adobe Flash Player Zero Day Attack Found In Hacking Team\",\"headline\":\"Adobe Flash Player Zero Day Attacks Found In Hacking Team Data Leaked\",\"author\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/wp-content\\\/uploads\\\/2015\\\/10\\\/Adobe-flash.png\",\"width\":1120,\"height\":750,\"caption\":\"Adobe flash\"},\"datePublished\":\"2015-10-24T13:47:00+05:30\",\"dateModified\":\"2023-03-23T16:40:10+05:30\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/#webpage\"},\"articleSection\":\"Cyber Attack, Data Leakage, Patch Management, Security Advisory, Security Hardening, Viruses &amp; Malware, Zero Day Attack\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/category\\\/security-advisory\\\/#listItem\",\"name\":\"Security Advisory\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/category\\\/security-advisory\\\/#listItem\",\"position\":2,\"name\":\"Security Advisory\",\"item\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/category\\\/security-advisory\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/#listItem\",\"name\":\"Adobe Flash Player Zero Day Attacks Found In Hacking Team Data Leaked\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/#listItem\",\"position\":3,\"name\":\"Adobe Flash Player Zero Day Attacks Found In Hacking Team Data Leaked\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/category\\\/security-advisory\\\/#listItem\",\"name\":\"Security Advisory\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#organization\",\"name\":\"Varutra\",\"description\":\"Secure your digital world with our Cybersecurity services.\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/Varutra-Found-e1612984024606.jpg\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/#organizationLogo\"},\"image\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/#organizationLogo\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/\",\"name\":\"kalpadmin\",\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d69b4bf504d3e2e3c6ad0c424e16bcb2?s=96&d=mm&r=g\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/#webpage\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/\",\"name\":\"Adobe Flash Player Zero Day Attack Found In Hacking Team\",\"description\":\"The Recent Cyber Attack that exposed 400GB of data belonging to Hacking Team has following Zero Day Attack in Adobe Flash Player in their data.\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/wp-content\\\/uploads\\\/2015\\\/10\\\/Adobe-flash.png\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/#mainImage\",\"width\":1120,\"height\":750,\"caption\":\"Adobe flash\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\\\/#mainImage\"},\"datePublished\":\"2015-10-24T13:47:00+05:30\",\"dateModified\":\"2023-03-23T16:40:10+05:30\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#website\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/\",\"name\":\"Varutra Consulting\",\"description\":\"Secure your digital world with our Cybersecurity services.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO Pro -->\r\n\t\t<title>Adobe Flash Player Zero Day Attack Found In Hacking Team<\/title>\n\n","aioseo_head_json":{"title":"Adobe Flash Player Zero Day Attack Found In Hacking Team","description":"The Recent Cyber Attack that exposed 400GB of data belonging to Hacking Team has following Zero Day Attack in Adobe Flash Player in their data.","canonical_url":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/#article","name":"Adobe Flash Player Zero Day Attack Found In Hacking Team","headline":"Adobe Flash Player Zero Day Attacks Found In Hacking Team Data Leaked","author":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2015\/10\/Adobe-flash.png","width":1120,"height":750,"caption":"Adobe flash"},"datePublished":"2015-10-24T13:47:00+05:30","dateModified":"2023-03-23T16:40:10+05:30","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/#webpage"},"isPartOf":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/#webpage"},"articleSection":"Cyber Attack, Data Leakage, Patch Management, Security Advisory, Security Hardening, Viruses &amp; Malware, Zero Day Attack"},{"@type":"BreadcrumbList","@id":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3#listItem","position":1,"name":"Home","item":"https:\/\/www.varutra.com\/varutravrt3","nextItem":{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3\/category\/security-advisory\/#listItem","name":"Security Advisory"}},{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3\/category\/security-advisory\/#listItem","position":2,"name":"Security Advisory","item":"https:\/\/www.varutra.com\/varutravrt3\/category\/security-advisory\/","nextItem":{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/#listItem","name":"Adobe Flash Player Zero Day Attacks Found In Hacking Team Data Leaked"},"previousItem":{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/#listItem","position":3,"name":"Adobe Flash Player Zero Day Attacks Found In Hacking Team Data Leaked","previousItem":{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3\/category\/security-advisory\/#listItem","name":"Security Advisory"}}]},{"@type":"Organization","@id":"https:\/\/www.varutra.com\/varutravrt3\/#organization","name":"Varutra","description":"Secure your digital world with our Cybersecurity services.","url":"https:\/\/www.varutra.com\/varutravrt3\/","logo":{"@type":"ImageObject","url":"https:\/\/www.varutra.com\/wp-content\/uploads\/2021\/11\/Varutra-Found-e1612984024606.jpg","@id":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/#organizationLogo"},"image":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/#organizationLogo"}},{"@type":"Person","@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/#author","url":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/","name":"kalpadmin","image":{"@type":"ImageObject","url":"https:\/\/secure.gravatar.com\/avatar\/d69b4bf504d3e2e3c6ad0c424e16bcb2?s=96&d=mm&r=g"}},{"@type":"WebPage","@id":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/#webpage","url":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/","name":"Adobe Flash Player Zero Day Attack Found In Hacking Team","description":"The Recent Cyber Attack that exposed 400GB of data belonging to Hacking Team has following Zero Day Attack in Adobe Flash Player in their data.","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/#website"},"breadcrumb":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/#breadcrumblist"},"author":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/#author"},"creator":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2015\/10\/Adobe-flash.png","@id":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/#mainImage","width":1120,"height":750,"caption":"Adobe flash"},"primaryImageOfPage":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/#mainImage"},"datePublished":"2015-10-24T13:47:00+05:30","dateModified":"2023-03-23T16:40:10+05:30"},{"@type":"WebSite","@id":"https:\/\/www.varutra.com\/varutravrt3\/#website","url":"https:\/\/www.varutra.com\/varutravrt3\/","name":"Varutra Consulting","description":"Secure your digital world with our Cybersecurity services.","inLanguage":"en-US","publisher":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/#organization"}}]},"og:locale":"en_US","og:site_name":"Varutra Consulting","og:type":"article","og:title":"Adobe Flash Player Zero Day Attack Found In Hacking Team","og:description":"The Recent Cyber Attack that exposed 400GB of data belonging to Hacking Team has following Zero Day Attack in Adobe Flash Player in their data.","og:url":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/","og:image":"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/Adobe-flash.png","og:image:secure_url":"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/Adobe-flash.png","og:image:width":"1120","og:image:height":"750","article:section":"Cyber Attack","article:published_time":"2015-10-24T13:47:00+00:00","article:modified_time":"2023-03-23T11:10:10+00:00","twitter:card":"summary_large_image","twitter:title":"Adobe Flash Player Zero Day Attack Found In Hacking Team","twitter:description":"The Recent Cyber Attack that exposed 400GB of data belonging to Hacking Team has following Zero Day Attack in Adobe Flash Player in their data.","twitter:image":"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/Adobe-flash.png","twitter:label1":"Written by","twitter:data1":"kalpadmin","twitter:label2":"Est. reading time","twitter:data2":"5 minutes"},"aioseo_meta_data":{"post_id":"1207","title":"Adobe Flash Player Zero Day Attack Found In Hacking Team&nbsp;","description":"The Recent Cyber Attack that exposed 400GB of data belonging to Hacking Team has following&nbsp;Zero Day Attack in Adobe Flash Player in their data.","keywords":[],"keyphrases":{"focus":{"keyphrase":"Zero day","score":88,"analysis":{"keyphraseInTitle":{"score":9,"maxScore":9,"error":0},"keyphraseInDescription":{"score":9,"maxScore":9,"error":0},"keyphraseLength":{"score":9,"maxScore":9,"error":0,"length":2},"keyphraseInURL":{"score":5,"maxScore":5,"error":0},"keyphraseInIntroduction":{"score":3,"maxScore":9,"error":1},"keyphraseInSubHeadings":[],"keyphraseInImageAlt":{"score":9,"maxScore":9,"error":0}}},"additional":[{"keyphrase":"Zero day Attack","score":67,"analysis":{"keyphraseInDescription":{"score":9,"maxScore":9,"error":0},"keyphraseLength":{"score":9,"maxScore":9,"error":0,"length":3},"keyphraseInIntroduction":{"score":3,"maxScore":9,"error":1},"keyphraseInImageAlt":{"score":3,"maxScore":9,"error":1}}}]},"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"featured","og_image_url":"https:\/\/www.varutra.com\/wp-content\/uploads\/2015\/10\/Adobe-flash.png","og_image_width":"1120","og_image_height":"750","og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":"Cyber Attack","og_article_tags":[],"twitter_use_og":true,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"Article","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":"{\"article\":{\"articleType\":\"BlogPosting\"},\"course\":{\"name\":\"\",\"description\":\"\",\"provider\":\"\"},\"faq\":{\"pages\":[]},\"product\":{\"reviews\":[]},\"recipe\":{\"ingredients\":[],\"instructions\":[],\"keywords\":[]},\"software\":{\"reviews\":[],\"operatingSystems\":[]},\"webPage\":{\"webPageType\":\"WebPage\"}}","pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","local_seo":null,"limit_modified_date":false,"reviewed_by":null,"open_ai":null,"created":"2021-10-27 15:18:04","updated":"2026-05-24 09:05:50","ai":null,"breadcrumb_settings":null,"seo_analyzer_scan_date":"2026-05-22 13:46:04"},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/www.varutra.com\/varutravrt3\" title=\"Home\">Home<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/www.varutra.com\/varutravrt3\/category\/security-advisory\/\" title=\"Security Advisory\">Security Advisory<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\tAdobe Flash Player Zero Day Attacks Found In Hacking Team Data Leaked\n<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/www.varutra.com\/varutravrt3"},{"label":"Security Advisory","link":"https:\/\/www.varutra.com\/varutravrt3\/category\/security-advisory\/"},{"label":"Adobe Flash Player Zero Day Attacks Found In Hacking Team Data Leaked","link":"https:\/\/www.varutra.com\/varutravrt3\/adobe-flash-player-zero-day-attacks-found-in-hacking-team-data-leaked\/"}],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts\/1207"}],"collection":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/comments?post=1207"}],"version-history":[{"count":5,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts\/1207\/revisions"}],"predecessor-version":[{"id":21192,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts\/1207\/revisions\/21192"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/media\/3232"}],"wp:attachment":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/media?parent=1207"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/categories?post=1207"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/tags?post=1207"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}