pdf shaper buffer overflow

All posts tagged pdf shaper buffer overflow

Good evening friends. Today we will see how to exploit a Windows 7 system with PDF shaper buffer overflow exploit which exploits a vulnerability in PDF shaper 3.4. To those newbies who don’t know what is PDF shaper, it is a “collection of free PDF tools, which allows you to merge, split, encrypt and decrypt PDFs, convert images to PDF, convert PDF to Word RTF or images, extract text and images from PDF. ”

We will use Kali Linux as the attacker machine for hacking Windows 7. ┬áStart Metasploit and search for “pdf shaper” exploit. as shown below.

pdfshaper2

 

pdfshaper3

Copy the exploit path as shown above and load the exploit as shown below. Set the payload as “windows/meterpreter/reverse_tcp”.

pdfshaper4

Set the IP address of Kali Linux as LHOST. Type command “exploit”. A pdf file will be created as shown below.

pdfshaper5

We have to send this pdf file to our target. Before that, we will have to start a listener for this specific exploit. Load the following exploit and payload as given in the below image.

pdfshaper6

Set lhost and lport exactly as same as the values we have given above. Type command “exploit”.

pdfshaper7

Now send the file to our target. When he uses PDF shaper to convert our pdf to image as shown below

pdfshaper1

pdfshaper8

pdfshaper9

we get a meterpreter session on our attacker system as shown below.

pdfshaper10