PDF Shaper Buffer Overflow
PDF Shaper is prone to a security vulnerability when processing PDF files. The vulnerability appears when we use Convert PDF to Image and use a specially crafted PDF file. This module has been tested successfully on Win XP, Win 7, Win 8, Win 10.
- metacom27 <metacom27 [at] gmail.com - twitter.com/m3tac0m>
- <Win Xp, Win 7, Win 8, Win 10 / PDF Shaper v.3.5 and v.3.6>
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use exploit/windows/fileformat/shaper_pdf_bof msf exploit(shaper_pdf_bof) > show targets ...targets... msf exploit(shaper_pdf_bof) > set TARGET <target-id> msf exploit(shaper_pdf_bof) > show options ...show and set options... msf exploit(shaper_pdf_bof) > exploit