Home > Client Side Attacks > Beta release of PDFInjector

Beta release of PDFInjector

September 21, 2009 Leave a comment Go to comments

I just wrote this script that I called PDFInjector. Its available at http://code.google.com/p/pdfinjector/
It injects the Collab getIcon exploit available at http://milw0rm.com/exploits/9579 into any non-password protected PDFs.

You can check out the video here.

http://www.securitytube.net/Exploitation-u…t%29-video.aspx

I’m thinking of integrating it with some MITM tools for pdf on the fly replacement either via iframe or normal link replacement or integrating some email sending functions into the script.

I have only tested this in BT4 and Windows XP. Let me know if this doesnt work for you. Thanks

Categories: Client Side Attacks
  1. james h
    November 24, 2009 at 12:04 pm
    Reply

    the download link isnt working.Maybe upload to rapidshare or mediafire?

    • milo2012
      November 24, 2009 at 9:46 pm
      Reply

      Google deleted my project site w/o informing me. I recreated the new site. You can download it here.
      Let me know if it doesnt work. I’m not sure if this is the latest code release.
      http://code.google.com/p/pdfinjector1

  2. Dlee
    January 15, 2010 at 3:56 pm
    Reply

    Your script sounds great and I would like to try but I’m not able to download it. Could you email me or repost to google? Thanks!

  3. Hmm
    January 19, 2010 at 4:19 pm
    Reply

    They’ve deleted that one to…

  4. Danny
    February 13, 2010 at 5:12 pm
    Reply

    Hello :)—
    the link is not work?

    “Your client does not have permission to get URL /p/pdfinjector1/ from this server.”

    upload to mediafire maybe?

    thanks

  5. mj
    February 15, 2010 at 6:11 am
    Reply

    hi milo i cannot get this no permission error from code.google.com please upload them else where

  6. milo2012
    February 15, 2010 at 10:00 am
    Reply

    I have uploaded it to http://rapidshare.com/files/351021889/pdfinjector7.zip
    Please let me know if anyone of you still have any issues downloading. Thanks

  7. Danny
    February 16, 2010 at 3:40 am
    Reply

    The link is working fine now.. the zip file is password protected.. so Password? 😛

    thank u..

  8. milo2012
    February 16, 2010 at 3:58 am
    Reply

    The password is ‘password’ without the quotes (:

  9. Mike
    February 24, 2010 at 9:31 pm
    Reply

    The Google Code page gives this error:

    Forbidden
    Your client does not have permission to get URL /p/pdfinjector/ from this server.

  10. Mike
    February 26, 2010 at 7:55 pm
    Reply

    Thanks Milo,

    I tried the script in Acrobat Reader 8 and it did successfuly open port 4444 (on a WinXP SP3 box), but the port closed as soon as Acrobat Reader closed. Is that how it’s supposed to work?

    Also, as soon as I connect from a remote box running metasploit to port 4444, Acrobat Reader crashes.

    p.s. Is version 8 or 9 of your script available some place other than Google?

  11. yang
    November 3, 2011 at 5:09 pm
    Reply

    http://rapidshare.com/files/351021889/pdfinjector7.zip
    this link is also deleted..
    how can I get a pdfinjector?

  1. No trackbacks yet.

Leave a comment