Earlier this year several people have found a “vulnerability” in PDF format, which allows arbitrary code execution on file open. Two types of the vulnerability were published: with JavaScript usage and without.
After fluent studying of a format and specifics of this problem the program for executables injection into pdf files has been developed. Certainly, there will be a warning at pdf file opening, however, there is a possibility to display any text in the warning window (actual for Acrobat Reader 9.*).

Program features:
[+] Custom warning text
[+] Custom temporary vbs name (used for exe file creation)
[+] Custom temporary exe name
[+] Exe deletion after specified delay

The program interface is extremely simple and looks like this:

Download: Exe2Pdf (password: coder.pub)

PHP Obfuscator by dx

Here is a nice PHP-code obfuscator.

It can:
[+] obfuscate variable names
[+] obfuscate function names
[+] encode static strings
[+] obfuscate built-in PHP functions names
[+] obfuscate INTEGERs
[+] compress the script
[+] archivate the script
[+] add some trash-comments
[+++] do lots of other interesting functions

The obfuscator does not support eval() and $$var_name constructions.



Site File Checker

Here is the script allowing you to check the integrity of your site’s files.

Site File Checker script will help you to know, that all of files on your site was not changed without your notice, that they don’t contain any virus, exploit or backdoor inserts. Script will count checksums of all of your files situated in the script root directory and also in nested directories. Then script will also save all last change timestamps of files.

While checking, the script will show directory changes (it will show new ones and deleted), file changes (it will display deleted, created and modified files).

It is recommended to remove the script from your server each time you create checksums to make it safe to hacker’s changes.

Before the first use, open the script in the notepad and edit your administrator’s login and password.

The script can be downloaded here.