marco

blog

Menu:

• home
• publications
• projects
• blog

Liberty exploit toolkit

October 8, 2009

Here is another exploit toolkit that has been making the rounds recently: the Liberty exploit pack. Most notably, in mid-September, Liberty was used in a drive-by-download campaign that injected iframes pointing at searra-ditol.cn and embrari-1.cn into a large number of vulnerable web sites.

A couple of pages from the toolkit admin panel:

• The browser statistics page:

• The referrer statistics page:

Finally, you can see the Wepawet domain report for searra-ditol.cn and for embrari-1.cn.

Posted by marco in javascript, wepawet