Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: adobe_pdf_embedded_exe working? msf 3.3 dev windows

From: egypt () metasploit com
Date: Fri, 6 Nov 2009 13:12:22 -0700
I can't reproduce this on Linux or Windows using
documentation/users_guide.pdf as the INFILENAME.  Can you send the
original PDF you used?

Thanks,
egypt

On Sun, Oct 11, 2009 at 7:06 PM,  <thesels1 () hushmail me> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

hi,

no evil.pdf is created in c:\pentest\data\. using msf 3.3 dev/win.

msf exploit(adobe_pdf_embedded_exe) > show options

Module options:

  Name        Current Setting      Required  Description
  ----        ---------------      --------  -----------
  EXENAME     c:/pentest/calc.exe  no        The Name of payload
exe.
  FILENAME    evil.pdf             no        The output filename.
  INFILENAME  c:/pentest/1.pdf     no        The Input PDF
filename.
  OUTPUTPATH  c:/pentest/data/     no        The location to
output the file.


Payload options (windows/meterpreter/bind_tcp):

  Name      Current Setting  Required  Description
  ----      ---------------  --------  -----------
  EXITFUNC  thread           yes       Exit technique: seh,
thread, process
  LPORT     4444             yes       The local port
  RHOST                      no        The target address


Exploit target:

  Id  Name
  --  ----
  0   Adobe Reader v8.x, v9.x (Windows XP SP3 English)

[*] Started bind handler
[*] Reading in 'c:/pentest/1.pdf'...
[*] Parseing 'c:/pentest/1.pdf'...
[*] Parseing Successfull.
[*] Using 'c:/pentest/calc.exe' as payload...
[-] Exploit failed: key not found
[*] Exploit completed, but no session was created.

cheers,
sels1
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAkrSjyUACgkQhx5k37N4+4D17AP/TS9TrYcj1q17to7EOA5z1+GYFtE3
1BBswhoxVtUE2UwGBNFvu57oVzGY/7rhfoY0A3h3Y5e1Ek3bthDkqewIH+SNReIe9+tc
2Oj3z9xB4neupTA5MHu+EsYyDK0lPCvEcn+AwO0FSaIWUNYbkVf8MhTHGeAeS0fQkSUD
9N5WqFc=
=5+ec
-----END PGP SIGNATURE-----

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: