Adobe Reader util.printf() buffer overflow

PDF is one of the most widely used formats for sharing files and documents. So, using it as a potential weapon to exploit the target machine can be a fruitful idea. Adobe Reader is the most popular PDF file reader tool. The exploit we will discuss here is a vulnerability existing in Adobe Reader prior to versions 8.1.3. The exploit works by creating a malicious PDF file which, when opened in vulnerable versions of Adobe Reader, causes a buffer overflow and allows an arbitrary code execution.

Getting ready

The exploit process is very similar to those we have discussed so far in this chapter. Almost all client-side attacks work in a similar manner in which we first generate a malicious file/link and then ...

Get Metasploit Penetration Testing Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.