adobe_pdf_embedded_exe.rb Patch Suggestion

[Jeremy <jeremy () sudosecure net>]

Not sure if this is where I should submit this but I have a simple fix
for the exploit module
"modules/exploit/windows/fileformat/adobe_pdf_embedded_exe", as it was
erroring out on a PDF file I was using as the "INFILENAME".  The issue
is the the "/Info" is an optional key within the PDF Trailer
specification and not required.  Reference page 42 of
http://www.adobe.com/devnet/acrobat/pdfs/PDF32000_2008.pdf  Obviously
it was kicking out because my input PDF file didn't have the "/Info"
key which lead to me looking into what was wrong.

The error occurs on line 365 of
"modules/exploit/windows/fileformat/adobe_pdf_embedded_exe" which is
this:
new_pdf << "/Info #{trailers[0].fetch("Info")} R>>\r\n"

A quick fix to prevent the erroring out is to check if the hash key
exists, so my quick fix was to change it to this:
if trailers[0].has_key?("Info")
      new_pdf << "/Info #{trailers[0].fetch("Info")} R>>\r\n"
end

I am Ruby n00b so there may be a better or more optimal method to
check if the key exists, but this worked for me.

--jeremy
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework