Adobe Acrobat Reader ASLR/DEP Bypass Exploit with SANDBOX BYPASS

Supported Adobe Reader Versions:

* 11.0.1
* 11.0.0

* 10.1.5
* 10.1.4
* 10.1.3
* 10.1.2
* 10.1

* 9.5

Tested on:

* Windows 7 (32 bit)
* Windows 7 (64 bit)
* Windows XP

Script Requirements:

* Run on Windows 🙂
* Ruby 1.9.x (http://rubyforge.org/frs/download.php/76752/rubyinstaller-1.9.3-p385.exe)
* Gems: origami, metasm (In command prompt type, gem install metasm && gem install origami -v “=1.2.5”)

FYI:
a. It’s a rip, of the original exploit.
b. Works most of the times.
c. We never really got into completing our script options though.

ruby xfa_MAGIC.rb -h
Usage: xfa_MAGIC.rb [options]
-i, –input [FILE] Input PDF. If provided, exploit will be injected into it (optional)
-p, –payload [FILE] PE executable to embed in the payload
–low-mem Use Heap spray suitable for low memory environment
-o, –output [FILE] File path to write output PDF
-h, –help Show help
(Some commands are not supported at the moment)

ruby xfa_MAGIC.rb -p example.exe -o poc.pdf