Adobe Flash Player Primetime SDK Use-After-Free RCE

This repository contains a proof-of-concept exploit for CVE-2018-4878, a critical use-after-free vulnerability in Adobe Flash Player. The main file, Flashp0c.py, is a Python script that generates a malicious SWF file containing Windows shellcode (calc.exe) and an HTML file that embeds the SWF. The script then starts a local HTTP server on port 8080, serving these files to potential victims. When a vulnerable browser loads the index.html page, the embedded SWF triggers the vulnerability, resulting in execution of the shellcode (calc.exe) on the victim's Windows system. The exploit is operational, with a hardcoded payload, and is intended for demonstration and research purposes. The README provides context and credits, referencing the original PoC and the author's modifications.

This repository is a proof-of-concept (POC) exploit for CVE-2018-4878, a use-after-free vulnerability in Adobe Flash Player (version 27, 32-bit). The exploit is implemented as a malicious SWF file, with supporting ActionScript 3 source code in the 'src' directory. The main exploit logic is in 'Main.as', which triggers the vulnerability by manipulating DRM event listeners and ByteArray objects, resulting in a corrupted ByteArray with arbitrary memory read/write capabilities. The 'bin/index.html' file is used to load the SWF in a browser environment, leveraging 'swfobject.js' for embedding. The exploit does not include a weaponized payload but demonstrates the ability to gain memory access, which can be used for further exploitation. The repository is structured for research and demonstration purposes, with clear separation between source, build, and deployment files. No hardcoded network endpoints or external C2 infrastructure are present; the attack is delivered via a browser loading the malicious SWF.