PoC in PDF Reader

Irgendwie wundert mich das, warum die jetzt erster drauf gekommen sind...
Gut der PoC ist ein spezieller, aber dadruch, dass PDF so weit verbreitet ist, dachte ich es gäbe schon so was.

This is a special PDF hack: I managed to make a PoC PDF to execute an embedded executable without exploiting any vulnerability!

I use a launch action triggered by the opening of my PoC PDF. With Adobe Reader, the user gets a warning asking for approval to launch the action, but I can (partially) control the message displayed by the dialog. Foxit Reader displays no warning at all, the action gets executed without user interaction.

• Escape From PDF

via: pop-urls.de

631 hits

< Vorheriger | Nächster >

Related Links:

Trackback specific URI for this entry

Display comments as (Linear | Threaded)

RSS 2.0 Feed (Comments) for this post

No comments

In reply to

Subscribe to this entry

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.

Standard emoticons like :-) and ;-) are converted to images.

E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA