Re: windows/fileformat/adobe_pdf_embedded_exe no more working

[Thomas Werth <security () vahle de>]

Well i'm sorry this is not what i'm getting.

In previous svn version it work like described even under foxitreader
and pdf xchangeviewer and Acrobat Reader.

Latest Version claims (depending on viewer) about cmd.exe not found or
tries to execute *.pdf instead of *.exe

As it is "just javascript" (correct me if i'm wrong) that is executed,
it should run browser independent ( i'm talking about executing custom
exe, not a payload). Or did i get something wrong here ?



Am 02.03.2010 19:27, schrieb Joshua J. Drake:
> Yeah, this sounds exactly what should be expected from this module.
> Is this what you're getting Thomas?
>
> The payload won't execute if you choose to save the file to some place
> other than the current user's desktop or documents directories. This
> is a known limitation of the current version. 
>
> NOTE: This issue is being tracked as:
> http://www.metasploit.com/redmine/issues/959
>
> Joshua J. Drake
>
> On Tue, Feb 23, 2010 at 10:48:18PM -0800, One Time wrote:
> > Same here.
> > svn r8609
> > Adobe Reader 9.0 (English) on Windows XP SP3 (English).
> >
> > ________________________________
> > Da: Tedi Heriyanto <tedi.heriyanto () gmail com>
> > A: framework () spool metasploit com
> > Inviato: Mer 24 febbraio 2010, 03:57:41
> > Oggetto: Re: [framework] windows/fileformat/adobe_pdf_embedded_exe no more working
> >
> > Hi,
> >
> > On 02/23/2010 11:44 PM, Joshua J. Drake wrote:
> > > On Mon, Feb 22, 2010 at 01:48:24PM +0100, Thomas Werth wrote:
> > > > Hello,
> > > >
> > > > it seems that in latest svn version of msf the exploit module
> > > > windows/fileformat/adobe_pdf_embedded_exe is no more working as expected.
> > > > An ebemdded exe isn't executed anymore.
> > > > I'm getting various error msg depending on pdf viewser use. Those are
> > > > ranging von cmd.exe not found to "name of PDF" not found.
> > > >
> > > > Basicly i've tested this module with custom infile and custom exe
> > > > combinded with generic/debug payload and from the set framework in
> > > > backtrack using vnc payload.
> > > > Both produce same error.
> > > >
> > > > In previous versions of msf this module worked fine ...
> > >
> > > Thomas,
> > >
> > > We would love to fix this!  Unfortunately, we need alot more
> > > information about the softwares (PDF viewer) being used, the platform
> > > it is being opened on, the actual custom files you're using, etc. The
> > > platform that you are using to generate the output file isn't likely
> > > to affect this, but we can't rule it out at this point.
> >
> > I am able to create the PDF with embedded EXE payload. But when the PDF is open,
> > it will ask where to store the payload (disguise as PDF file), then the PDF
> > reader will ask the user again whether to open that payload. After that the
> > payload is executed.
> >
> > Here is my testing config :
> > - Adobe Reader 8.1.2 and 9.1.0 in WinXP SP3
> > - The payload is meterpreter
> > - Framework: 3.3.4-dev.8596
> > - Console  : 3.3.4-dev.8615
> >
> > -- 
> > Best Regards,
> >
> > Tedi Heriyanto
> > Website        : http://tedi.heriyanto.net
> > Blog        : http://theriyanto.wordpress.com
> > PGP Key ID      : 0xAC22DD11
> > PGP Fingerprint : 470A FF01 B4CF 93A4 78E5 0EAC 0103 BC76 AC22 DD11
> >
> >
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework